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Preface 



Logic appears in a ‘sacred’ and in a ‘profane’ form; the sacred form is domi- 
nant in proof theory, the profane form in model theory. The phenomenon is 
not unfamiliar, one observes this dichotomy also in other areas, e.g. set the- 
ory and recursion theory. Some early catastrophies, such as the discovery of 
the set theoretical paradoxes (Cantor, Russell), or the definability paradoxes 
(Richard, Berry), make us treat a subject for some time with the utmost 
awe and diffidence. Sooner or later, however, people start to treat the mat- 
ter in a more free and easy way. Being raised in the ‘sacred’ tradition, my 
first encounter with the profane tradition was something like a culture shock. 
Hartley Rogers introduced me to a more relaxed world of logic by his example 
of teaching recursion theory to mathematicians as if it were just an ordinary 
course in, say, linear algebra or algebraic topology. In the course of time I have 
come to accept this viewpoint as the didactically sound one: before going into 
esoteric niceties one should develop a certain feeling for the subject and ob- 
tain a reasonable amount of plain working knowledge. For this reason this 
introductory text sets out in the profane vein and tends towards the sacred 
only at the end. 

The present book has developed out of courses given at the mathematics 
department of Utrecht University. The experience drawn from these courses 
and the reaction of the participants suggested strongly that one should not 
practice and teach logic in isolation. As soon as possible examples from every- 
day mathematics should be introduced; indeed, first-order logic finds a rich 
field of applications in the study of groups, rings, partially ordered sets, etc. 

The role of logic in mathematics and computer science is two- fold — a tool 
for applications in both areas, and a technique for laying the foundations. The 
latter role will be neglected here, we will concentrate on the daily matters of 
formalised (or formalizable) science. Indeed, I have opted for a practical ap- 
proach, — I will cover the basics of proof techniques and semantics, and then 
go on to topics that are less abstract. Experience has taught us that the nat- 
ural deduction technique of Gentzen lends itself best to an introduction, it is 
close enough to actual informal reasoning to enable students to devise proofs 
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by themselves. Hardly any artificial tricks are involved and at the end there 
is the pleasing discovery that the system has striking structural properties, 
in particular it perfectly suits the constructive interpretation of logic and it 
allows normal forms. The latter topic has been added to this edition in view of 
its importance in theoretical computer science. In chapter 3 we already have 
enough technical power to obtain some of the traditional and (even today) 
surprising model theoretic results. 

The book is written for beginners without knowledge of more advanced 
topics, no esoteric set theory or recursion theory is required. The basic in- 
gredients are natural deduction and semantics, the latter is presented in con- 
structive and classical form. 

In chapter 5 intuitionistic logic is treated on the basis of natural deduction 
without the rule of Reductio ad absurdum, and of Kripke semantics. Intuition- 
istic logic has gradually freed itself from the image of eccentricity and now it 
is recognised for its usefulness in e.g., topos theory and type theory, hence its 
inclusion in a introductory text is fully justified. The final chapter, on normali- 
sation, has been added for the same reasons; normalisation plays an important 
role in certain parts of computer science; traditionally normalisation (and cut 
elimination) belong to proof theory, but gradually applications in other areas 
have been introduced. In chapter 6 we consider only weak normalisation, a 
number of easy applications is given. 

Various people have contributed to the shaping of the text at one time 
or another; Dana Scott, Jane Bridge, Henk Barendregt and Jeff Zucker have 
been most helpful for the preparation of the first edition. Since then many 
colleagues and students have spotted mistakes and suggested improvements; 
this edition benefited from the remarks of Eleanor McDonnell, A. Scedrov and 
Karst Koymans. To all of these critics and advisers I am grateful. 

Progress has dictated that the traditional typewriter should be replaced 
by more modern devices; this book has been redone in DT[;]X by Addie Dekker 
and my wife Doke. Addie led the way with the first three sections of chap- 
ter one and Doke finished the rest of the manuscript; I am indebted to both 
of them, especially to Doke who found time and courage to master the se- 
crets of the DTeX trade. Thanks go to Leen Kievit for putting together the 
derivations and for adding the finer touches required for a IMJijX manuscript. 
Paul Taylor’s macro for proof trees has been used for the natural deduction 
derivations. 

June 1994 Dirk van Dalen 

The conversion to has introduced a number of typos that are corrected 

in the present new printing. Many readers have been so kind to send me their 
collection of misprints, I am grateful to them for their help. In particular I want 
to thank Jan Smith, Vincenzo Scianna, A. Ursini, Mohammad Ardeshir, and 
Norihiro Kamide. Here in Utrecht my logic classes have been very helpful; in 
particular Marko Hollenberg, who taught part of a course, has provided me 
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with useful comments. Thanks go to them too. 

I have used the occasion to incorporate a few improvements. The definition 
of ‘subformula’ has been streamlined - together with the notion of positive 
and negative occurrence. There is also a small addendum on ‘induction on the 
rank of a formula’. 

January 1997 Dirk van Dalen 

At the request of users I have added a chapter on the incompleteness of arith- 
metic. It makes the book more self-contained, and adds useful information on 
basic recursion theory and arithmetic. The coding of formal arithmetic makes 
use of the exponential; this is not the most efficient coding, but for the heart 
of the argument that is not of the utmost importance. In order to avoid extra 
work the formal system of arithmetic contains the exponential. As the proof 
technique of the book is that of natural deduction, the coding of the notion 
of derivability is also based on it. There are of course many other approaches. 
The reader is encouraged to consult the literature. 

The material of this chapter is by and large that of a course given in Utrecht 
in 1993. Students have been most helpful in commenting on the presentation, 
and in preparing versions. W. Dean has kindly pointed out some more 
corrections in the old text. 

The final text has benefited from comments and criticism of a number 
of colleagues and students. I am grateful for the advice of Lev Beklemishev, 
John Kuiper, Craig Smoryhski, and Albert Visser. Thanks are due to Xander 
Schrijen, whose valuable assistance helped to overcome the TgX-problems. 

May 2003 Dirk van Dalen 

A number of corrections has been provided by Tony Hurkens; furthermore, I 
am indebted to him and Harold Hodes for pointing out that the definition of 
“free for” was in need of improvement. Sjoerd Zwart found a nasty typo that 
had escaped me and all (or most) readers. 
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Introduction 



Without adopting one of the various views advocated in the foundations of 
mathematics, we may agree that mathematicians need and use a language, if 
only for the communication of their results and their problems. While math- 
ematicians have been claiming the greatest possible exactness for their meth- 
ods, they have been less sensitive as to their means of communication. It is well 
known that Leibniz proposed to put the practice of mathematical communi- 
cation and mathematical reasoning on a firm base; it was, however, not before 
the nineteenth century that those enterprises were (more) successfully under- 
taken by G. Frege and G. Peano. No matter how ingeniously and rigorously 
Frege, Russell, Hilbert, Bernays and others developed mathematical logic, it 
was only in the second half of this century that logic and its language showed 
any features of interest to the general mathematician. The sophisticated re- 
sults of Godel were of course immediately appreciated, but they remained for 
a long time technical highlights without practical use. Even Tarski’s result 
on the decidability of elementary algebra and geometry had to bide its time 
before any applications turned up. 

Nowadays the application of logic to algebra, analysis, topology, etc. are 
numerous and well-recognised. It seems strange that quite a number of simple 
facts, within the grasp of any student, were overlooked for such a long time. 
It is not possible to give proper credit to all those who opened up this new 
territory, any list would inevitably show the preferences of the author, and 
neglect some fields and persons. 

Let us note that mathematics has a fairly regular, canonical way of formu- 
lating its material, partly by its nature, partly under the influence of strong 
schools, like the one of Bourbaki. Furthermore the crisis at the beginning of 
this century has forced mathematicians to pay attention to the finer details of 
their language and to their assumptions concerning the nature and the extent 
of the mathematical universe. This attention started to pay off when it was 
discovered that there was in some cases a close connection between classes of 
mathematical structures and their syntactical description. Here is an example: 

It is well known that a subset of a group G which is closed under 
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multiplication and inverse, is a group; however, a subset of an algebraically 
closed field F which is closed under sum, product, minus and inverse, is in 
general not an algebraically closed field. This phenomenon is an instance of 
something quite general: an axiomatizable class of structures is axiomatised 
by a set of universal sentences (of the form Vxi, . . . ,Xn^, with ip quantifier 
free) iff it is closed under substructures. If we check the axioms of group the- 
ory we see that indeed all axioms are universal, while not all the axioms of 
the theory of algebraically closed fields are universal. The latter fact could of 
course be accidental, it could be the case that we were not clever enough to 
discover a universal axiomatization of the class of algebraically closed fields. 
The above theorem of Tarski and Los tells us, however, that it is impossible 
to find such an axiomatization! 

The point of interest is that for some properties of a class of structures 
we have simple syntactic criteria. We can, so to speak, read the behaviour 
of the real mathematical world (in some simple cases) off from its syntactic 
description. 

There are numerous examples of the same kind, e.g. Lyndon’s Theorem: 
an axiomatisable class of structures is closed under homomorphisms iff it can 
be axiomatised by a set of positive sentences (i.e. sentences which, in prenex 
normal form with the open part in disjunctive normal form, do not contain 
negations) . 

The most basic and at the same time monumental example of such a 
connection between syntactical notions and the mathematical universe is of 
course Gddel’s eompleteness theorem, which tells us that provability in the 
familiar formal systems is extensionally identical with truth in all structures. 
That is to say, although provability and truth are totally different notions, (the 
first is combinatorial in nature, the latter set theoretical), they determine the 
same class of sentences: p is provable iff p is true in all structures. 

Given the fact that the study of logic involves a great deal of syntactical 
toil, we will set out by presenting an efficient machinery for dealing with 
syntax. We use the technique of inductive definitions and as a consequence 
we are rather inclined to see trees wherever possible, in particular we prefer 
natural deduction in the tree form to the linear versions that are here and 
there in use. 

One of the amazing phenomena in the development of the foundations 
of mathematics is the discovery that the language of mathematics itself can 
be studied by mathematical means. This is far from a futile play: Godel’s 
incompleteness theorems, for instance, lean heavily on a mathematical analysis 
of the language of arithmetic, and the work of Godel and Gohen in the field 
of the independence proofs in set theory requires a thorough knowledge of the 
mathematics of mathematical language. Set theory remains beyond the scope 
of this book, but a simple approach to the incompleteness of arithmetic has 
been included. We will aim at a thorough treatment, in the hope that the 
reader will realise that all these things which he suspects to be trivial, but 
cannot see why, are perfectly amenable to proof. It may help the reader to 



0 Introduction 



3 



think of himself as a computer with great mechanical capabilities, but with 
no creative insight, in those cases where he is puzzled because ‘why should we 
prove something so utterly evident’ ! On the other hand the reader should keep 
in mind that he is not a computer and that, certainly when he gets beyond 
chapter 2, certain details should be recognised as trivial. 

For the actual practice of mathematics predicate logic is doubtlessly the 
perfect tool, since it allows us to handle individuals. All the same we start 
this book with an exposition of propositional logic. There are various reasons 
for this choice. 

In the first place propositional logic offers in miniature the problems that 
we meet in predicate logic, but there the additional difficulties obscure some 
of the relevant features e.g. the completeness theorem for propositional logic 
already uses the concept of ‘maximal consistent set’, but without the compli- 
cations of the Henkin axioms. 

In the second place there are a number of truly propositional matters that 
would be difficult to treat in a chapter on predicate logic without creating 
a impression of discontinuity that borders on chaos. Finally it seems a mat- 
ter of sound pedagogy to let propositional logic precede predicate logic. The 
beginner can in a simple context get used to the proof theoretical, algebraic 
and model theoretic skills that would be overbearing in a first encounter with 
predicate logic. 

All that has been said about the role of logic in mathematics can be re- 
peated for computer science; the importance of syntactical aspects is even 
more pronounced than in mathematics, but it does not stop there. The lit- 
erature of theoretical computer science abounds with logical systems, com- 
pleteness proofs and the like. In the context of type theory (typed lambda 
calculus) intuitionistic logic has gained an important role, whereas the tech- 
nique of normalisation has become a staple diet for computer scientists. 
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1.1 Propositions and Connectives 

Traditionally, logic is said to be the art (or study) of reasoning; so in order 
to describe logic in this tradition, we have to know what ‘reasoning’ is. Ac- 
cording to some traditional views reasoning consists of the building of chains 
of linguistic entities by means of a certain relation follows from a view 
which is good enough for our present purpose. The linguistic entities occurring 
in this kind of reasoning are taken to be sentences, i.e. entities that express a 
complete thought, or state of affairs. We call those sentences declarative. This 
means that, from the point of view of natural language our class of acceptable 
linguistic objects is rather restricted. 

Fortunately this class is wide enough when viewed from the mathemati- 
cian’s point of view. So far logic has been able to get along pretty well under 
this restriction. True, one cannot deal with questions, or imperative state- 
ments, but the role of these entities is negligible in pure mathematics. I must 
make an exception for performative statements, which play an important role 
in programming; think of instructions as ‘goto, if ... then, else ...’, etc. For 
reasons given below, we will, however, leave them out of consideration. 

The sentences we have in mind are of the kind ‘27 is a square number’, 
‘every positive integer is the sum of four squares’, ‘there is only one empty 
set’. A common feature of all those declarative sentences is the possibility of 
assigning them a truth value, true or false. We do not require the actual deter- 
mination of the truth value in concrete cases, such as for instance Goldbach’s 
conjecture or Riemann’s hypothesis. It suffices that we can ‘in principle’ as- 
sign a truth value. 

Our so-called two-valued logic is based on the assumption that every sen- 
tence is either true or false, it is the cornerstone of the practice of truth tables. 

Some sentences are minimal in the sense that there is no proper part which 
is also a sentence, e.g. 5 G {0, 1, 2, 5, 7}, or 2-1-2 = 5; others can be taken apart 
into smaller parts, e.g. ‘c is rational or c is irrational’ (where c is some con- 
stant). Conversely, we can build larger sentences from smaller ones by using 
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connectives. We know many connectives in natural language; the following list 
is by no means meant to be exhaustive: and, or, not, if ■■■ then ..., but, since, 
as, for, although, neither ... nor ... .In ordinary discourse, and also in infor- 
mal mathematics, one uses these connectives incessantly; however, in formal 
mathematics we will economise somewhat on the connectives we admit. This 
is mainly for reason of exactness. Compare, for example, the following two 
sentences: “tt is irrational, but it is not algebraic”, “Max is a Marxist, but he 
is not humourless” . In the second statement we may discover a suggestion of 
some contrast, as if we should be surprised that Max is not humourless. In the 
first case such a surprise cannot be so easily imagined (unless, e.g. one has just 
read that almost all irrationals are algebraic); without changing the meaning 
one can transform this statement into “tt is irrational and tt is not algebraic” . 
So why use (in a formal text) a formulation that carries vague, emotional un- 
dertones? For these and other reasons (e.g. of economy) we stick in logic to a 
limited number of connectives, in particular those that have shown themselves 
to be useful in the daily routine of formulating and proving. 

Note, however, that even here ambiguities loom. Each of the connectives 
has already one or more meanings in natural language. We will give some 
examples: 

1. John drove on and hit a pedestrian. 

2. John hit a pedestrian and drove on. 

3. If I open the window then we’ll have fresh air. 

4. If I open the window then I -|- 3 = 4. 

5. If I -I- 2 = 4, then we’ll have fresh air. 

6. John is working or he is at home. 

7. Euclid was a Greek or a mathematician. 

From 1 and 2 we conclude that ‘and’ may have an ordering function in time. 
Not so in mathematics; “tt is irrational and 5 is positive” simply means that 
both parts are the case. Time just does not play a role in formal mathematics. 
We could not very well say “tt was neither algebraic nor transcendent before 
1882”. What we would want to say is “before 1882 it was unknown whether 
7T was algebraic or transcendent” . 

In the examples 3-5 we consider the implication. Example 3 will be gener- 
ally accepted, it displays a feature that we have come to accept as inherent to 
implication: there is a relation between the premise and conclusion. This fea- 
ture is lacking in the examples 4 and 5. Nonetheless we will allow cases such 
as 4 and 5 in mathematics. There are various reasons to do so. One is the 
consideration that meaning should be left out of syntactical considerations. 
Otherwise syntax would become unwieldy and we would run into an esoteric 
practice of exceptional cases. This general implication, in use in mathemat- 
ics, is called material implication. Some other implications have been studied 
under the names of strict implication, relevant implication, etc. 

Finally 6 and 7 demonstrate the use of ‘or’. We tend to accept 6 and to 
reject 7. One mostly thinks of ‘or’ as something exclusive. In 6 we more or 
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less expect John not to work at home, while 7 is unusual in the sense that we 
as a rule do not use ‘or’ when we could actually use ‘and’. Also, we normally 
hesitate to use a disjunction if we already know which of the two parts is the 
case, e.g. “32 is a prime or 32 is not a prime” will be considered artificial (to 
say the least) by most of us, since we already know that 32 is not a prime. Yet 
mathematics freely uses such superfluous disjunctions, for example “2 > 2” 
(which stands for “2 > 2 or 2 = 2”). 

In order to provide mathematics with a precise language we will create an 
artificial, formal language, which will lend itself to mathematical treatment. 
First we will define a language for propositional logic, i.e. the logic which 
deals only with propositions (sentences, statements). Later we will extend our 
treatment to a logic which also takes properties of individuals into account. 

The process of formalization of propositional logic consists of two stages: 
(1) present a formal language, (2) specify a procedure for obtaining valid or 
true propositions. 

We will first describe the language, using the technique of inductive def- 
initions. The procedure is quite simple: First give the smallest propositions, 
which are not decomposable into smaller propositions; next describe how com- 
posite propositions are constructed out of already given propositions. 



Definition 1.1.1 The language of propositional logic has an alphabet consist- 
ing of 

(i) proposition symbols .' poj Pi, P 2 , ■ ■ • , 

(ii) connectives .•A,V,^,-i,<-^,T, 

(Hi) auxiliary symbols : { , ). 

The connectives carry traditional names: 

A - and - conjunction 

V - or - disjunction 

- if ■■■, then ... - implication 

- not - negation 

^ - iff - equivalence, bi-implication 

T - falsity - falsum, absurdum 

The proposition symbols and T stand for the indecomposable propositions, 
which we call atoms, or atomic propositions. 



Definition 1.1.2 The set PROP of propositions is the smallest set X with 
the properties 

(i) p. G X{i G N), TG a, 

{a) ip, if £ X ^ (p A -(/>), (v? V V'), {ip^tp), (ip^ip) £ X, 

{Hi) <p £ X ^ (^p) G A. 

The clauses describe exactly the possible ways of building propositions. In 
order to simplify clause {ii) we write ip, ip £ X ^ {ip\I\ip) £ X, where □ is one 
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of the connectives A, V, 

A warning to the reader is in order here. We have used Greek letters if) 
in the definition; are they propositions? Clearly we did not intend them to be 
so, as we want only those strings of symbols obtained by combining symbols 
of the alphabet in a correct way. Evidently no Greek letters come in at all! 
The explanation is that ip and tp are used as variables for propositions. Since 
we want to study logic, we must use a language to discuss it in. As a rule 
this language is plain, everyday English. We call the language used to discuss 
logic our meta-language and ip and tp ^'I'e meta-variables for propositions. We 
could do without meta-variables by handling (ii) and (iii) verbally: if two 
propositions are given, then a new proposition is obtained by placing the 
connective A between them and by adding brackets in front and at the end, 
etc. This verbal version should suffice to convince the reader of the advantage 
of the mathematical machinery. 

Note that we have added a rather unusual connective, T. Unusual, in 
the sense that it does not connect anything. Logical constant would be a 
better name. For uniformity we stick to our present usage. T is added for 
convenience, one could very well do without it, but it has certain advantages. 
One may note that there is something lacking, namely a symbol for the true 
proposition; we will indeed add another symbol, T, as an abbreviation for the 
’’true” proposition. 

Examples. 

(P7 ^ Po), ((-L Vp32) A i^P 2 )) G PROP. 

Pi ^ P7, -L, ((^ A ^ PROP 

It is easy to show that something belongs to PROP (just carry out the 
construction according to 1.1.2); it is somewhat harder to show that something 
does not belong to PROP. We will do one example: 

PROP. 

Suppose TG X and X satisfies (i), (ii), (iii) of Definition 1.1.2. We 
claim that Y = X — T} also satisfies (i), (ii) and (iii). Since J-,Pi G X, 
also -L,Pi G Y . If p,ip G y, then ip,ip G X. Since X satisfies (ii) {pY\ip) G X. 
From the form of the expressions it is clear that {ipYlip) ^ T (look at the 
brackets), so {pDip) G X — {-i-> T} = Y . Likewise one shows that Y satisfies 
(iii). Hence X is not the smallest set satisfying (i), (ii) and (iii), so T 
cannot belong to PROP. 

Properties of propositions are established by an inductive procedure anal- 
ogous to definition 1.1.2: first deal with the atoms, and then go from the parts 
to the composite propositions. This is made precise in 
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Theorem 1.1.3 (Induction Principle) Let A be a property, then A{ip) 
holds for all ip G PROP if 

(i) A{pi), for all i,and ^(-L), 

\ii) A{ip), A{f}) A{{pUfi)), 

{in) A{p) =P A((^V5))- 

Proof. Let X = {p G PROP \ A{p)}, then X satisfies (i), (ii) and (iii) of 
definition 1.1.2. So PROP C X, i.e. for all p G PROP A{p) holds. □ 

We call an application of theorem 1.1.3 a proof by induction on p. The 
reader will note an obvious similarity between the above theorem and the 
principle of complete induction in arithmetic. 

The above procedure for obtaining all propositions, and for proving 
properties of propositions is elegant and perspicuous; there is another ap- 
proach, however which has its own advantages (in particular for coding): 
consider propositions as the result of a linear step-by-step construction. E.g. 
( i^Pa) ~^-L) is constructed by assembling it from its basic parts by using 
previously constructed parts: po • ■ • -L ■ • ■ (^Po) • ■ • ( (^Po) ^-L)- This is for- 
malized as follows: 



Definition 1.1.4 A sequence po, . . . , pn is called a formation sequence of p 
if Pn = P o-nd for all i < n pi is atomic, or 

Pi = {pj\3pk) for certain j, k < i, or 
Pi = {~'Pj) for certain j < i. 

Observe that in this definition we are considering strings p of symbols 
from the given alphabet; this mildly abuses our notational convention. 

Examples, (a) _L,p 2 ,P 3 ,(_L Vp 2 ),(^(J- Vp 2 )),(^ps) and pa, (^ps) are both 
formation sequences of (^Pa). Note that formation sequences may contain 
‘garbage’. 

(b) p 2 is a subformula of ((p 7 V (^P 2 )) ^ Pi); (pi ~ ^-L) is a subformula of 
(((P2 V (pi Apo)) ^ (pi ^-L)). 

We now give some trivial examples of proof by induction. In practice we 
actually only verify the clauses of the proof by induction and leave the con- 
clusion to the reader. 

1. Each proposition has an even number of brackets. 

Proof, (i) Each atom has 0 brackets and 0 is even. 

(ii) Suppose p and ip have 2n, resp. 2m brackets, then {pDip) has 
2(n -I- m -I- 1) brackets. 

(iii) Suppose p has 2n brackets, then {^p) has 2{n + 1) brackets. □ 

2. Each proposition has a formation sequence. 

Proof, (i) If p is an atom, then the sequence consisting of just p is a formation 
sequence of p. 

(ii) Let po, . . . ,pn and ipo, . . . , ipm be formation sequences of p and ip, 
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then one easily sees that ipo, . . . ,ipn, 'i/'o, • ■ • , V'mj {‘finOipm) is a formation 
sequence of 

(iii) Left to the reader. □ 

We can improve on 2: 



Theorem 1.1.5 PROP is the set of all expressions having formation se- 
quences. 

Proof. Let F be the set of all expressions (i.e. strings of symbols) having 
formation sequences. We have shown above that PROP C F. 

Let (p have a formation sequence ipo, . . . ,ipn, we show cp G PROP by 
induction on n. 

n = 0 \ p = pq and by definition p is atomic, &o p G PROP. 

Suppose that all expressions with formation sequences of length m < n 
are in PROP. By definition pn = {pfCipj) for i,j < n, or pn = {~^Pi) for 
i < n, or Pn is atomic. In the first case pi and pj have formation sequences 
of length i,j < n, so by induction hypothesis pi,Pj G PROP. As PROP 
satisfies the clauses of definition 1.1.2, also fpiOipj) G PROP. Treat negation 
likewise. The atomic case is trivial. Conclusion F C PROP. □ 

Theorem 1.1.5 is in a sense a justification of the definition of formation 
sequence. It also enables us to establish properties of propositions by ordinary 
induction on the length of formation sequences. 

In arithmetic one often defines functions by recursion, e.g. exponentiation 
is defined by = 1 and -x, or the factorial function by 0! = 1 and 

{x + 1)! = a;! • (a; + 1). 

The jusitification is rather immediate: each value is obtained by using the 
preceding values (for positive arguments). There is an analogous principle in 
our syntax. 

Example. The number b{p) of brackets of p, can be defined as follows: 

{ h{p) = 0 for p atomic, 
h({pUii))) = b{p) + 6(V') + 2, 

=b{p) + 2. 

The value of b{p) can be computed by successively computing btpf) for its 
subformulae f). □ 

We can give this kind of definitions for all sets that are defined by induc- 
tion. The principle of “definition by recursion” takes the form of “there is 
a unique function such that . . . ” . The reader should keep in mind that the 
basic idea is that one can ‘compute’ the function value for a composition in a 
prescribed way from the function values of the composing parts. 
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The general principle behind this practice is laid down in the following 
theorem. 

Theorem 1.1.6 (Definition by Recursion) Let mappings H[j : ^ A 

and H-, : A ^ A be given and let Hat be a mapping from the set of atoms 
into A, then there exists exactly one mapping F : PROP A such that 

{ F{tp) = Hati^p) for ip atomic, 

F{{pU%l})) = Hu{F{p),F{il))), 

Fii^p)) =H^{F{p)). 

In concrete applications it is usually rather easily seen to be a correct princi- 
ple. However, in general one has to prove the existence of a unique function 
satisfying the above equations. The proof is left as an exercise, cf. Exercise 11. 



Here are some examples of definition by recursion: 
1 . The (parsing) tree of a proposition p is defined by 



T{P) 


= ,p for atomic p 


T{{pUf;)) 


= A 








T{p) TO;) 


Tihp)) 


= 1 hp) 




T{p) 



Examples. T[{pi (T V(^pa))); 

(pi ^ (T V (^ps))) 




T{-n{^{pi A (-Pi)))) 
(^(^(pi A (^pi)))) 




A simpler way to exhibit the trees consists of listing the atoms at the bot- 
tom, and indicating the connectives at the nodes. 
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2. The rank r(ip) of a proposition ip is defined by 

( r{ip) = 0 for atomic ip, 
r((v3DV')) = max(r(v3), r('0)) + 1, 

+ 1 - 

We now use the technique of definition by recursion to define the notion of 
subformula. 

Definition 1.1.7 The set of subformulas Sub(ip) is given by 
Sub{ip) = {ip} for atomic p 

Sub{pi^P 2 ) = Sub{pi) U Sub{p 2 ) U {piOp 2 } 

Sub{^p) = Sub{p) U {^p\ 

We say that ip is a subformula of p if ip G Sub{p). 

Notational convention. In order to simplify our notation we will economise on 
brackets. We will always discard the outermost brackets and we will discard 
brackets in the case of negations. Furthermore we will use the convention that 
A and V bind more strongly than ^ and (cf. • and + in arithmetic), and 
that ^ binds more strongly than the other connectives. 

Examples. ~^p V p stands for {{^p) V p), 

~>{~<~<~<pA _L) stands for (^((~'(“'(“'</5)))A -L)), 
pW Ip p stands for {{p \/ ijj) p), 

p ^ pV {ip ^ x) stands for {p ^ {pV {ip ^ x)))- 
Warning. Note that those abbreviations are, properly speaking, not propo- 
sitions. 

In the proposition {pi ^ pi) only one atom is used to define it, it is how- 
ever used twice and it occurs at two places. For some purpose it is convenient 
to distinguish between formulas and formula occurrences. Now the definition 
of subformula does not tell us what an occurrence of p in ip is, we have to add 
some information. One way to indicate an occurrence of p is to give its place 
in the tree of '0, e-g- an occurrence of a formula in a given formula 0 is a pair 
{p, fc), where is a node in the tree of ip. One might even code k as & sequence 
of O’s and I’s, where we associate to each node the following sequence: ( ) (the 
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empty sequence) to the top node, (sq, . . . , Sn-i, 0) to the left immediate de- 
scendant of the node with sequence (sq, . . . , Sn-i) and (sq, . . . , s„_i, 1) to the 
second immediate descendant of it (if there is one). We will not be overly 
formal in handling occurrences of formulas (or symbols, for that matter), but 
it is important that it can be done. 

The introduction of the rank function above is not a mere illustration of 
the ‘definition by recursion’, it also allows us to prove facts about propositions 
by means of plain complete induction (or mathematical induction). We have, 
so to speak, reduced the tree structure to that of the straight line of natural 
numbers. Note that other ‘measures’ will do just as well, e.g. the number of 
symbols. For completeness sake we will spell out the Rank-Induction Principle: 

Theorem 1.1.8 (Induction on rank-Principle) If for all tp for all 

Ip with rank less than r(<^)] A{p), then A{p) holds for all p € PROP 

Let us show that induction on p and induction on the rank of p are 
equivalent.^ 

First we introduce a convenient notation for the rank-induction: write p < ip 
(p ^ tp) for r{p) < r{pp) (r(p) < r{tp)). So \/tp ^ pA(pp) stands for ‘‘^A{tp) 
holds for all ^p with rank at most r((/j)” 

The Rank- Induction Principle now reads 

yppip) -< pA(pp) A{p)) ypA{p) 

We will now show that the rank-induction principle follows from the induction 
principle. Let \/p{\/tp -< pA{ip) A{p)) (f) 

be given. In order to show ^pAlpp) we have to indulge in a bit of induction 
loading. Put B{p) := ^ip ■< pApip). Now show ypBpp) by induction on p. 

1. for atomic p \/ip -i <fA{tp) is vacuously true, hence by (f) A{p) holds. 
Therefore Aptp) holds for all pj with rank < 0. So Bpp) 

2. p = piU\p 2 . Induction hypothesis: B{pi), B{p 2 ). Let p be any proposition 
with r(p) = rpp) = n-\-l (for a suitable n). We have to show that p and 
all propositions with rank less than n -I- 1 have the property A. Since 
r{p) = maxpr{pi), r{p 2 ))-\- 1, one of pi and p 2 has rank n — say pi. Now 
pick an arbitrary ip with r{ip) < n, then ip ‘Pi- Therefore, by B{pi), 
A{ip). This shows that \hp ■< pA{ip), so by (f) A{p) holds. This shows 
B{p) 

h. p = -^p\. Similar argument. 

An application of the induction principle yields WpB^p), and as a consequence 
ypA{p). 

For the converse we assume the premisses of the induction principle. In or- 
der to apply the rank-induction principle we have to show (f). We distinguish 
the following cases: 



^ The reader may skip this proof at first reading. He will do well to apply induction 
on rank naively. 
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1. (f atomic. Then (f) holds trivially. 

2. (/j = ipi\I\ip 2 . Then ipi^ip 2 ^ (see exercise 6). Our assumption is V'i/; ^ 
ipA{ijj), so A{^px) and A{ip 2 ). Therefore A{ip). 

3. (/? = Similar argument. 

This establishes (f). So by rank-induction we get \/(pA{tp). 



Exercises 

1. Give formation sequences of 

(^P2 ^ (P3 V (pi ^ P 2 ))) A ~^P3, 

{P7 ^ ^ T) ^ {{P4 A ^P2) Pi), 

{{{Pl P 2 ) Pi) P 2 ) Pi- 

2. Show that ((— >^ PROP. 

3. Show that the relation “is a subformula of” is transitive. 

4. Let (/j be a subformula of ip- Show that ip occurs in each formation sequence 
of ip. 

b. li ip occurs in a shortest formation sequence of ip then is a subformula 
of ip. 

6. Let r be the rank function. 

(a) Show that r{ip) < number of occurrences of connectives of ip, 

(b) Give examples of ip such that < or = holds in (a), 

(c) Find the rank of the propositions in exercise 1. 

(d) Show that r{ip) < ripp) if t/j is a proper subformula of ip. 

7. (a) Determine the trees of the propositions in exercise 1, 

(b) Determine the propositions with the following trees. 
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8. Let ^{T{ip)) be the number of nodes of T{(p). By the “number of connec- 
tives in (/?” we mean the number of occurrences of connectives in ip. (In 
general #(A) stands for the number of elements of a (finite) set A). 

(a) If ip does not contain _L, show: number of connectives of p+ number 
of atoms oi p < #(T(<p)). 

(b) #(sub(<^)) < #(T(\o)). 

(c) A branch of a tree is a maximal linearly ordered set. 

The length of a branch is the number of its nodes minus one. Show 
that r{p) is the length of a longest branch in T{p). 

(d) Let p not contain _L. Show: the number of connectives vci p + the 

number of atoms of — 1. 

9. Show that a proposition with n connectives has at most 2n-|-l subformulas. 

10. Show that for PROP we have a unique decomposition theorem: for each 
non-atomic proposition a either there are two propostions p and '0 such 
that a = p\Ail), or there is a proposition p such that a = -'p. 

11. (a) Give an inductive definition of the function F, defined by recursion 

on PROP from the functions iLot, iLn, as a set F* of pairs. 

(b) Formulate and prove for F* the induction principle. 

(c) Prove that F* is indeed a function on PROP. 

(d) Prove that it is the unique function on PROP satisfying the recur- 
sion equations. 

1.2 Semantics 

The task of interpreting propositional logic is simplified by the fact that the 
entities considered have a simple structure. The propositions are built up from 
rough blocks by adding connectives. 

The simplest parts (atoms) are of the form “grass is green”, “Mary likes 
Goethe” , “6—3 = 2” , which are simply true or false. We extend this assignment 
of truth values to composite propositions, by reflection on the meaning of the 
logical connectives. 

Let us agree to use 1 and 0 instead of ‘true’ and ‘false’. The problem we 
are faced with is how to interprete pOtjj, ~^p, given the truth values of p and 

We will illustrate the solution by considering the in-out-table for Messrs. 
Smith and Jones. 

Conjunction. A visitor who wants to see both Smith and Jones wants the 
table to be in the position shown here, i.e. 
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“Smith is in” A “Jones is in” is true iff 
“Smith is in” is true and “Jones is in” is true. 



We write v{}p) = 1 (resp. 0) for is true” (resp. false). Then the above 
consideration can be stated as v{ipAtjj) = 1 iff v{ip) = v^tjj) = 1, or v {ip A ip) = 
rohi{v{p),v{ip)). 

One can also write it in the form of a truth table: 



A 


0 


1 


0 


0 


0 


1 


0 


1 



One reads the truth table as follows: the first argument is taken from the 
leftmost column and the second argument is taken from the top row. 





in 


out 


Smith 


X 




Jones 


X 





Disjunction. If a visitor wants to see one of the partners, no matter which 
one, he wants the table to be in one of the positions 





in 


out 


Smith 


X 




Jones 


X 







in 


out 


Smith 


X 




Jones 




X 





in 


out 


Smith 




X 


Jones 


X 





In the last case he can make a choice, but that is no problem, he wants to 
see at least one of the gentlemen, no matter which one. 

In our notation, the interpretation of V is given by 

v{p V 'i/') = 1 iff u{f) = 1 or v{ijj) = 1. 

Shorter: v{p\/ ip) = mayi{v{(p),v{ip)). 



In truth table form: 



V 


0 


1 


0 


0 


1 


1 


1 


1 



Negation. The visitor who is solely interested in our Smith will state that 
“Smith is not in” if the table is in the position: 





in 


out 


Smith 




X 



So “Smith is not in” is true if “Smith is in” is false. We write this as 
v{^(f) = 1 iff v{p) = 0, or v{-<ip) = 1 — v{(f). 



— 1 




0 


1 


1 


0 



In truth table form: 
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Implication. Our legendary visitor has been informed that “Jones is in if 
Smith is in” . Now he can at least predict the following positions of the table 





in 


out 


Smith 


X 




Jones 


X 







in 


out 


Smith 




X 


Jones 




X 



If the table is in the position 





in 


out 


Smith 


X 




Jones 




X 



then he knows that the information was false. 



The remaining case, 





in 


out 


Smith 




X 


Jones 


X 





cannot be dealt with in 



such a simple way. There evidently is no reason to consider the information 
false, rather ‘not very helpful’, or ‘irrelevant’. However, we have committed 
ourselves to the position that each statement is true or false, so we decide to 
call “If Smith is in, then Jones is in” true also in this particular case. The 
reader should realize that we have made a deliberate choice here; a choice that 
will prove a happy one in view of the elegance of the system that results. There 
is no compelling reason, however, to stick to the notion of implication that 
we just introduced. Various other notions have been studied in the literature, 
for mathematical purpose our notion (also called ‘material implication’) is 
however perfectly suitable. 

Note that there is just one case in which an implication is false (see the 
truth table below), one should keep this observation in mind for future appli- 
cation - it helps to cut down calculations. 

In our notation the interpretation of implication is given by v{ip ip) = 0 iff 
v{if) = 1 and v{ip) = 0. 



Its truth table is: 





0 


1 


o 


1 


1 


1 


0 


1 



Equivalence. If our visitor knows that “Smith is in if and only if Jones is in”, 
then he knows that they are either both in, or both out. Hence v{(p <-> ■0) = 1 
iff v{(p) = v{ip). 



The truth table of ^ is: 





0 


1 


0 


1 


0 


1 


0 


1 



Falsum. An absurdity, such as “0 0 0”, “some odd numbers are even”, “I 
am not myself”, cannot be true. So we put u(T) = 0. 
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Strictly speaking we should add one more truth table, i.e. the table for T, 
the opposite of falsum. 

Verum. This symbol stands for manifestly true propostion such as 1 = 1; we 
put n(T) = 1 for all v. 

We collect the foregoing in 



Definition 1.2.1 A mapping v : PROP — > {0, 1} is a valuation if 
v{ipAip) = mm{v{ip),v{'if>)), 
v{(fi\/'ip) = max('u(<p), (■!/))), 
v{(fi if) = 0 v{ip) = 1 and v{ip) = 0, 

v{(fi ^ Ip) = 1 v{(p) = v{ip), 

v{-^ip) = 1 — v{lp) 

?;(-L) = 0. 

If a valuation is only given for atoms then it is, by virtue of the definition 
by recursion, possible to extend it to all propositions, hence we get: 



Theorem 1.2.2 If v is a mapping from the atoms into {0, 1}, satisfy- 
ing v(-L) = 0, then there exists a unique valuation such that = v{(p) 
for atomic (p. 

It has become common practice to denote valuations as defined above by 
so will adopt this notation. Since |-] is completely determined by its values 
on the atoms, |</j] is often denoted by Whenever there is no confusion 

we will delete the index v. 

Theorem 1.2.2 tells us that each of the mappings v and 1-]^ determines 
the other one uniquely, therefore we call v also a valuation (or an atomic 
valuation, if necessary). From this theorem it appears that there are many 
valuations (cf. Exercise 4). 

It is also obvious that the value of (p under v only depends on the 
values of v on its atomic subformulae: 

Lemma 1.2.3 If v{pi) = v'{pi) for all pi occurring in ip, then |(^]^ = 

Proof. An easy induction on ip. □ 

An important subset of PROP is that of all propositions ip which are al- 
ways true, i.e. true under all valuations. 
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Definition 1.2.4 (i) ip is a tautology if = 1 for all valuations v, 

(a) \= g} stands for ‘(p is a tautology’, 

(Hi) Let r be a set of propositions, then F \= p iff for all v: (\ff\v = 1 for all 
if e F)^ |<p]„ = 1. 

In words: F \= p holds iff p is true under all valuations that make all if in F 
true. We say that p is semantical consequence of F. We write F pii F \= p 
is not the case. 

Convention, pi, . . . ,pn \= ip stands for {pi, . . . , Pn} \= ip- 

Note that = 1 for all v” is another way of saying = 1 for all 

valuations” . 

Examples. {\) \= p ^ p] |= ~^^p p\ \= p\/ ip ip\/ p, 

iff) P,ip^^ p f\ip] p,p^ip\=ip] p ^ Ip, ^ip \= ^p. 

One often has to substitute propositions for subformulae; it turns out to 

be sufficient to define substitution for atoms only. 

We write p[ip/pi] for the proposition obtained by replacing all occurrences 
of Pi in by '(/'• As a matter of fact, substitution of ip for pi defines a mapping 
of PROP into PROP, which can be given by recursion (on p). 



Definition 1.2.5 piff/Pi] = f if F atomic and p Pi 

\ip \i p = Pi 

ipiUp2)[iplpi] = pi[ip/pi]Up2[iplpi] 

{^p)[iP/pi] =^p[ip/pi]. 

The following theorem spells out the basic property of the substitution of 
equivalent propositions. 



Theorem 1.2.6 (Substitution Theorem) If\=pi^ p 2 , then 
1= ip[pi/p] ^ ip[p 2 /p], where p is an atom. 

The substitution theorem is actually a consequence of a slightly stronger 



Lemma 1.2.7 [pi ^ p 2 \v < lip[pi/p\ ^ ip[p 2 /p\lv and 
h iPi ^ P2) ^ iffVpi/p] ^ ff[F 2 /p\) 

Proof. Induction on ip. We only have to consider \p\ pfflv = 1 (why?). 

- Ip atomic. If '0 = P, then ip[pi/p] = pi and the result follows immediately. 

liipff^p, then ip[pi/p] = ip, and lip[pi/p] ^ ip[p 2 /p]jv = iff ^ ffjv = 1- 

- Ip = ipi\I\ip2. Induction hypothesis: IV'iipi/p]],, = 104 ^^ 2 /p]]i;- Now the 
value of l{ipiUip2)[pi/p]\v = |0i [pj/p]D02[pi/p]]« is uniquely determined 
by its parts lipj[pi/p]\v, hence |(0iD02)[<Pi/p]]« = \iipiUip2)[p2 / p]\v 

- Ip = -101. Left to the reader. 
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The proof of the second part essentially uses the fact that \= ip ^ 'll) 

< 1^1 u for all n(cf. Exercise 6). □ 

The proof of the substitution theorem now immediately follows . □ 

The substitution theorem says in plain english that parts may be replaced 
by equivalent parts. 

There are various techniques for testing tautologies. One such (rather slow) 
technique uses truth tables. We give one example: 



(if ijj) 






-nip) 



p Ip -np) p — > \p -nip — > [ip — > Ip) -1^ (-i'0 — > -np) 



0 0 11 
0 110 
10 0 1 
110 0 



The last column consists of I’s only. Since, by lemma 1.2.3 only the values 
of p and tp are relevant, we had to check 2^ cases. If there are n (atomic) 
parts we need 2” lines. 

One can compress the above table a bit, by writing it in the following form: 



{p ^1p) ^ (~nlP -np) 

0 10 1 1 11 

oil 1 0 11 

10 0 1 1 0 0 

111 1 0 10 



Let us make one more remark about the role of the two 0-ary connectives, 
T and T. Clearly, ^ T ^ (T^T), so we can define T from T. On the other 
hand, we cannot define T from T and — we note that from T we can never 
get anything but a proposition equivalent to T by using A,V,— *■, but from T 
we can generate T and T by means of applying A, V, — 



Exercises 

1. Check by the truth table method which of the following propositions are 
tautologies 

(a) {-np y Ip) ^ {ip ^ p) 

(b) p^{{ip^a)^ {{p ^ip)^{p^ cr))) 

(c) {p ^p) ^ -np 

(d) ^{p ^ ^p) 

(e) {p^{ip^ cr)) ^ {{p ^ 1 p)^ a) 

(f) p V -np {principle of the excluded third) 

(g) _L^ {p A -np) 

(h) p {ex f also sequitur quodlibet) 
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2. Show (a) 

ih) ip\= Ip and ip \= a ^ Lp \= a] 

(c) '^ip^ip^ip'^ip. 

3. Determine </?hPo ^ Ps/Po] for ip = pi ^po ^ ppo ^ Pa); 

P = (P3 ^ Po) V {p 2 ^po). 

4. Show that there are valuations. 

5. Show \p A ip}y = • {ipjy, 

Ip V 1p\y = |(^]„ + lp)\y - • {ipjy, 

+ Mt; • Mv, 

- - Mvl- 

|<P]„ < flpjy. 

1.3 Some Properties of Propositional logic 

On the basis of the previous sections we can already prove a lot of theorems 
about propositional logic. One of the earliest discoveries in modern proposi- 
tional logic was its similarity with algebras. 

Following Boole, an extensive study of the algebraic properties was made by a 
number of logicians. The purely algebraic aspects have since then been studied 
in the so-called Boolean Algebra. 

We will just mention a few of those algebraic laws. 

Theorem 1.3.1 The following propositions are tautologies: 

{p W ifj) y a ^ p W {ip \/ a) {p A Ip) A a ^ p A {ip A a) 
associativity 

py Ip ^ ipy p p A Ip ^ Ip A p 
commutativity 

py {ip A a) ^ {py Ip) A {py a) p A {ip y a) ^ {p A Ip) y {p A a) 

distrihutivity 

-'{p y Ip) —'p A —'Ip —'{p A '0) ~'P y ~'4’ 

De Morgan’s laws 
p y p p p A p p 
idempotency 

-n^p p 

double negation law 



{P^1p\y = l- |(^]„ 
lp^1p\y = l- 

6. Show \p — > ip\y = 1 
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Proof. Check the truth tables or do a little computation. E.g. De Morgan’s 
law: V = 1 I<<3 V -0] = 0 |<p] = |i/^l = 0 = l-'^] = 1 

= 1 . 

So V 0)] = A -10] for all valuations, i.e \= -'{ip V 0) ~^(p A -i0. 

The remaining tautologies are left to the reader. □ 



In order to apply the previous theorem in “logical calculations” we need a 
few more equivalences. This is demonstrated in the simple equivalence 
1= A V 0) (exercise for the reader). For, by the distributive law 
\= (f A {(f \/ tjj) ^ {(f A (f) \/ {(f A 'tp) and |= {(p A (p) \/ {(p A tjj) <->■ (p \/ {p A tp) , by 
idempotency and the substitution theorem. So ^ A (v? V 0) V A 0). 
Another application of the distributive law will bring us back to start, so just 
applying the above laws will not eliminate 0! 

We list therefore a few more convenient properties. 



Lemma 1.3.2 If \= p ^ tp, then \= p A tp p and 

1= V 0 <-> 0 

Proof. By Exercise 6 of section 1.2 \= p ^ tp implies !</?].„ < |0].„ for all v. So 
[p A 0]„ = min(|(^]„, |0]„) = |(^]„ and \p V 0]^ = max(|</j]„, |0]„) = |0]„ 
for all u. □ 

Lemma 1.3.3 pa) \= p \= p A ip ip 

(h) \= p 1= V 0 0 

('c)^TV0^0 
(d) \=T A Ip Ip 

Proof. Left to the reader. □ 

The following theorem establishes some equivalences involving various con- 
nectives. It tells us that we can “define” up to logical equivalence all connec- 
tives in terms of {V,-i}, or or {A,^}, or {— >,T}. 

That is, we can find e.g. a proposition involving only V and which is equiv- 
alent to p Ip, etc. 

Theorem 1.3.4 (a) \= {p ip) {p — > ip) A {ip — >■ p), 

(b) \= {p^^) ^ l^pVip), 

(c) \= p\/ Ip ^ {^p Ip), 

(d) \= pV Ip ~'{~'‘P A -<ip), 

(e) \= p A Ip ~'{~'^ V -<ip), 

(f) h “’V5 ^ (V5 ^-L), 

(g) h ±^pA^p. 
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Proof. Compute the truth values of the left-hand and right-hand sides. □ 

We now have enough material to handle logic as if it were algebra. For 
convenience we write ip ip for \= p ip. 



Lemma 1.3.5 « %s an equivalence relation on PROP ,i.e. 

(fi Ki ip (reflexitivity) , 

p PC Ip Ip p (symmetry), 

p Ki Ip and Ip K, a p ks a (transitivity) . 

Proof Use \= p ip \p\„ = |?/>]„ for all v. □ 

We give some examples of algebraic computations, which establish a chain 
of equivalences. 

1. 1. [p ^ {ip ^ a)] ^ [p ^ 1 p ^ a], 

p ^ (ip ^ a) ~ -^p V ('0 ^ cr), (1.3.4(b)) 

-^py {ip ^ a) ~ ~^p V (-10 V a), ( 1.3.4(b) and subst. thm.) 

~^p V (-10 V (t) « (^p V -10) V cr, (ass.) 

(^p V -10) V (T « ~^(p Alp) y a, {De Morgan and subst. thm.) 

-i((/3 A 0) V (T « (<p A 0) — > O', ( 1.3.4(b)) 

So —> (0 ^ cr) « (<p A 0) —> O'. 

We now leave out the references to the facts used, and make one long 
string. We just calculate till we reach a tautology. 

2. 2. \= {p ^ Ip) ^ {-^ip ~^p), 

-lip — >■ ~^p « —I— lip V —ip « 0 V —ip PC —ip y Ip PS p — > Ip 

3. 3. \= p ^ {ip ^ p), 

p ^ {ip ^ p) Ki ~^p V (-10 y p) K. {-^p y p)y -iip. 



We have seen that V and A are associative, therefore we adopt the convention, 
also used in algebra, to delete brackets in iterated disjunctions and conjunc- 
tions; i.e. we write pi y p 2 y y >3 y ipi, etc. This is alright, since no matter 
how we restore (syntactically correctly) the brackets, the resulting formula is 
determined uniquely up to equivalence. 

Have we introduced all connectives so far? Obviously not. We can eas- 
ily invent new ones. Here is a famous one, introduced by Sheffer: p\ip stands 
for “not both p and 0” . More precise: p\ip is given by the following truth table 



Sheffer stroke 



1 


0 


1 


0 


1 


1 


1 


1 


0 



Let us say that an n-ary logical connective $ is defined by its truth table, 
or by its valuation function, if |$(pi, . . . ,p„)] = /(|pi], ■ . . , |pn]) for some 
function /. 
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Although we can apparently introduce many new connectives in this way, 
there are no surprises in stock for us, as all of those connectives are definable 
in terms of V and 



Theorem 1 . 3.6 For each n-ary connective $ defined by its valuation func- 
tion, there is a proposition r, containing only pi, . ■ . ,Pn, V and such that 

\=T^ $(pi, . . . ,Pn). 

Proof. Induction on n. For n = 1 there are 4 possible connectives with truth 
tables 




One easily checks that the propositions V ^p), p V ~^p, p and ^p will meet 
the requirements. 

Suppose that for all n-ary connectives propositions have been found. 



Consider $(pi, . . . ,PmPn-i-i) with truth table: 




where ife < 1 . 



We consider two auxiliary connectives $i and $2 defined by 

$i(p2, . . . ,p„-i-i) = $(J-,P2, • ■ . ,Pn-i-i) and 
$2(P2, • • ■ ,Pn-i-i) = $(T,P2, . . . ,Pn-i-i), where T = ^ _L 
(as given by the upper and lower half of the above table). By the induction 
hypothesis there are propositions cti and (T2, containing only P2, . . • ,P«-i-i, V 
and ^ so that |= $i(p2, . . . ,Pn-i-i) ^ (Ji- 

From those two propositions we can construct the proposition r: 

T := (pi ^ 0-2) A (^pi ^ (Ti). 
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Claim 1= $(pi, . . .,pn+i) ^ T. 

If [Piji; = 0> then Ipi a 2 \v = 1, so |r]„ = \-^pi (Ti]„ = |cti]„ = 

I$l(p2, • • ■ ,Pn+l)\v = [$(Pl,P2, • ■ • ,Pn+l)jv, USing |pi]„ = 0 = | _L]„. 

The case |pi]u = 1 is similar. 

Now expressing — *■ and A in terms of V and ^ (1.3.4), we have |r'] = 
|$(pi, . . . ,p„+i)] for all valuations (another use of lemma 1.3.5), where r' « t 
and t' contains only the connectives V and □ 

For another solution see Exercise 7. 

The above theorem and theorem 1.3.4 are pragmatic justifications for our 
choice of the truth table for — we get an extremely elegant and useful theory. 
Theorem 1.3.6 is usually expressed by saying that V and ^ form a function- 
ally complete set of connectives. Likewise A, ^ and — ^ and T, — > form 
functionally complete sets. 

In analogy to the ^ and J([ from algebra we introduce finite disjunctions 
and conjunctions: 



Definition 1.3.7 



= 7>o 

z<0 

< 

^ 2<n+l 2<n 



AJ 

2<0 

< 

AJ ‘7’i = W V ipn+l 

^ i<n+l i<n 



Definition 1.3.8 If (p = A/ where pij is atomic or the negation of 

i<n j^rrii 

an atom, then tp is a conjunctive normal form. If p = WA\ Pij, where pij 

i<n j<rrii 

is atomic or the negation of an atom, then p is a disjunctive normal form. 

The normal forms are analogous to the well-known normal forms in alge- 
bra: ax'^ byx is “normal” , whereas x(ax by) is not. One can obtain normal 
forms by simply “multiplying”, i.e. repeated application of distributive laws. 
In algebra there is only one “normal form” ; in logic there is a certain duality 
between A and V, so that we have two normal form theorems. 



Theorem 1.3.9 For each p there are conjunctive normal forms p^ and dis- 
junctive normal forms p'^ , such that \= p ^ p^ and \= p ^ p~^ . 

Proof. First eliminate all connectives other than T, A, V and Then prove 
the theorem by induction on the resulting proposition in the restricted lan- 
guage of T, A, V and In fact, T plays no role in this setting; it could just 
as well be ignored. 

(a) p is atomic. Then p^ = p~^ = p. 
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(b) If = ill A a. Then ip'' = ip^ A a'' . In order to obtain a disjunctive nor- 
mal form we consider ip^ = V V'ii = V ^j^ where the ipi's and <Tj’s are 
conjunctions of atoms and negations of atoms. 

Now ip = ijiAaKiip'^Aa'^Ki A o-j). 

ij 

The last proposition is in normal form, so we equate ip^ to it. 

(c) ip = ipy u. Similar to (&). 

(d) ip = -I'i/'. By induction hypothesis ip has normal forms ip'^ and ip'^ . 

-nip « -nip^ « - V A ~ A V « A V '^ij, where V'y = ~^tpij if 

ipij is atomic, and ipij = ~'ipij if V’ii is the negation of an atom. (Observe 
~^~'ipij ~ ’fpij)- Clearly ^ ip[j is a conjunctive normal form for ip. The dis- 
junctive normal form is left to the reader. 

For another proof of the normal form theorems see Exercise 7. □ 

When looking at the algebra of logic in theorem 1.3.1, we saw that V and A 
behaved in a very similar way, to the extent that the same laws hold for both. 
We will make this ‘duality’ precise. For this purpose we consider a language 
with only the connectives V, A and 



Definition 1.3.10 Define an auxiliary mapping * : PROP PROP recur- 
sively by tp* = -^tp if ip is atomic, 
if Alp)* =f*Vip*, 
ifVip)* =f* Alp*, 
i^f)* =^f*. 

Example, {{po A ^pf) V P2)* = (po A ~^pi)* A p *2 = (pq V i^Pi)*) A ~^P2 = 
i^Po V -^pI) a ~^P2 = i^Po V ^^Pi) A ^P2 « i^Po Vpi) A ^P2- 

Note that the effect of the *-translation boils down to taking the negation 
and applying De Morgan’s laws. 



Lemma 1.3.11 = |^<p] 

Proof. Induction on f. For atomic f |(^*] = 

!(</? A V’)*] = if* V ip*j = l~^f V -.V'l) = A ip)j). 

!(</? V '(/’)*] and are left to the reader. □ 



Corollary 1.3.12 \= f* ~^f. 

Proof. Immediate from Lemma 1.3.11. □ 

So far this is not the proper duality we have been looking for. We really 
just want to interchange A and V. So we introduce a new translation. 
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Definition 1.3.13 The duality mapping ^ : PROP PROP is recursively 
defined by = (p for (p atomic, 

{p A fY = 

(p V tpY = p'^ 

hpY =V- 

Theorem 1.3.14 (Duality Theorem) Y T Y Y 

Proof. We use the * -translation as an intermediate step. Let us introduce the 
notion of simultaneous substitution to simplify the proof: 
cr[ro, . . . , r„/poj ■ ■ • iPn] is obtained by substituting Ti for pi for alH < n simul- 
taneously (see Exercise 15). Observe that p* = p'^Ypo , . . . , ^PnlPo, ■ ■ ■ ,Pn], 
so p*Ypo, ■ ■ • , ^PnlPo, • ■ ■ ,Pn] = p'^Y^Po, • ■ ■ > ■ ,Pn], where the 

atoms of p occur among the po, ... ,pn- 

By the Substitution Theorem |= p*Ypqt ■ ■ ,^Pn/po, ■ ■ ■ ,Pn]- The 

same equivalence holds for ip. 

By Corollary 1.3.12 Y T* ^ “'Pj Y Y* ^ ~'Y- Since Y P ^ Y^ also |= 
-^p ^ - 1 ^. Hence Y T* Y* ^ and therefore Y P*Ypo, ■ ■ ■ , ^Pn/po, ■ • • ,Pn] ^ 
Y*YP0: ■ ■ ■ ,^Pn/po, ■ ■ ■ ,Pn]- 

Using the above relation between p‘^ and p* we now obtain Y Y‘^- 

The converse follows immediately, as p‘^'^ = P- D 

The duality Theorem gives us one identity for free for each identity we 
establish. 



Exercises 

1. Show by ‘algebraic’ means 

1= {p ^ Ip) ^ (->'0 — >■ ~’p), Contraposition, 

1= {p ^ Ip) f\ {ip ^ o) ^ {p ^ a), transitivity of 

h (P ^ ("0 A -10)) ^ ~^p, 

h (P ^ ^ 

h ~^{pA^p), 
h p^(0^pA0), 

1= {{p Y) ^ p) ^ p. Peirce’s Law . 

2. Simplify the following propositions (i.e. find a simpler equivalent proposi- 
tion). 

(a) (p ^ 0) A p, (b) {p^Y)y ^p, (c) {p^Y) ^ 0, 

(d)p^(pA0), (e) ((^ A 0) V Y)i.T^Y)^T- 

3. Show that { ^ } is not a functionally complete set of connectives. Idem 
for {— >, V} (hint: show that each formula p with only ^ and V there is a 



28 



1 Propositional Logic 



valuation v such that = 1 )• 

4. Show that the Shelter stroke, |, forms a functionally complete set (hint: 

5. Show that the connective | {ip nor tp), with valuation function = 1 

iff |<p] = !■!/;] = 0, forms a functionally complete set. 

6. Show that | and | are the only binary connectives $ such that {$} is func- 
tionally complete. 

7. The functional completeness of {V, ->} can be shown in an alternative way. 
Let $ be an n-ary connective with valuation function |$(pi, . . . ,p„)] = 
/(|pi], . . . , |p„]). We want a proposition r (in V,^) such that |r] = 
f llPi], ■ ■ ■ , lPn\)- 

Suppose /(|pi], . . . , |pn]) = 1 at least once. Consider all tuples 
(bil, ■ • ■ , Ipnj) with /(|pi|, . . . , |p„]) = 1 and form corresponding con- 
junctions pi A p 2 A ... A Pn such that pi = pi if |pi] = 1, pi = ~^pi if 
|pi] = 0 . Then show ^ (p} A P 2 /^ . . . A pU W ... V {p^ A p 2 A ... A p!p) ^ 
$(pi, . . . ,p„), where the disjunction is taken over all n-tuples such that 
f{lPl],---,lPn]) = 1- 

Alternatively, we can consider the tuples for which /(|pi], . . . , |pn]) = 
0. Carry out the details. Note that this proof of the functional complete- 
ness at the same time proves the Normal Form Theorems. 

8. Let the ternary connective $ be defined by |$(<pi, <p 2 , V^a)] = 1 
It’iI + It’ 21 + [v^al > 2 (the majority connective). Express $ in terms 
of V and 



9. Let the binary connective ^ be defined by 



# 


0 


1 


0 


0 


1 


1 


1 


0 



Express # in terms of V and 

10. Determine conjunctive and disjunctive normal forms for ^{ip ip), 
{{p ^ ip) ^ ip) ^ ip, {p^ {pA -lip)) A {ip ^ {ip A ^p)). 

11. Give a criterion for a conjunctive normal form to be a tautology. 

12. Prove /A {pi V ipj) and 



i<n 3"^"^ 



i < n 
j < m 
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i’j ^ W 

^<n j<m ■ < ^ 

j <m 

13. The set of all valuations, thought of as the set of all 0 — 1— sequences, 

forms a topological space, the so-called Cantor space C. The basic open 
sets are finite unions of sets of the form {u | |pq]u = . . . = = 1 and 

IPjijv = ■■■ = IPjmJv = 0}, ik 7^ jp for fc < n; p < m. 

Define a function | 1 : PROP ViC) (subsets of Cantor space) by: 
M = {u I = 1}. 

(a) Show that |p] is a basic open set (which is also closed), 

(b) Ip V - 0 ] = |p] u Ip A 0 ] = |p] n |^p] = Ip]"^, 

(c) [= p IpI = C; |T] = 0; h ^ '0 M C |0]. 

Extend the mapping to sets of propositions P by 

|T] = {v I |p]u = 1 for all p G T}. Note that |T] is closed. 

(d) r h ^ |ri c |p]. 

14. We can view the relation ^ p ^ 0 as a kind of ordering. Put p C 0 := 
1= p — > 0 and 0 — > p. 

(i) for each p, 0 such that p C 0, find a with p C tr C 0, 

(ii) find pi, P 2 , P 3 , • • ■ such that pi C p 2 C pa C P 4 C • • 

(iii) show that for each p, 0 with p and 0 incomparable, there is a least 
(7 with p, 0 C (T. 

15. Give a recursive definition of the simultaneous substitution 

p[0, . . . , ipn/pi, ■ ■ ■ ,Pn] and formulate and prove the appropriate analogue 
of the Substitution Theorem (theorem 1.2.6). 



30 



1 Propositional Logic 



1.4 Natural Deduction 

In the preceding sections we have adopted the view that propositional logic 
is based on truth tables, i.e. we have looked at logic from a semantical point 
of view. This, however, is not the only possible point of view. If one thinks 
of logic as a codification of (exact) reasoning, then it should stay close to the 
practice of inference making, instead of basing itself on the notion of truth. 
We will now explore the non-semantic approach, by setting up a system for 
deriving conclusions from premises. Although this approach is of a formal na- 
ture, i.e. it abstains from interpreting the statements and rules, it is advisable 
to keep some interpretation in mind. We are going to introduce a number of 
derivation rules, which are, in a way, the atomic steps in a derivation. These 
derivations rules are designed (by Gentzen), to render the intuitive meaning 
of the connectives as faithfully as possible. 

There is one minor problem, which at the same time is a major advantage, 
namely: our rules express the constructive meaning of the connectives. This 
advantage will not be exploited now, but it is good to keep it in mind when 
dealing with logic (it is exploited in intuitionistic logic). 

One small example: the principle of the excluded third tells us that |= 
ip V -lip, i.e., assuming that is a definite mathematical statement, either 
it or its negation must be true. Now consider some unsolved problem, e.g. 
Riemann’s Hypothesis, call it R. Then either R is true, or ^R is true. However, 
we do not know which of the two is true, so the constructive content of i?V ~^R 
is nil. Constructively, one would require a method to find out which of the 
alternatives holds. 

The propositional connective which has a strikingly different meaning in a 
constructive and in a non-constructive approach is the disjunction. Therefore 
we restrict our language for the moment to the connectives A, — > and T. This 
is no real restriction as {— *■, T} is a functionally complete set. 

Our derivations consist of very simple steps, such as “from ip and ip ^ ip 
conclude ip" , written as: 

ip ip — > Ip 
iP 

The propositions above the line are premises , and the one below the line 
is the conclusion . The above example eliminated the connective — We can 
also introduce connectives. The derivation rules for A and — *■ are separated 
into 
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ip ih ip Alb ip A%b 

(A/) -——A/ (AU) ^-—AE ——AE 



ip Alp 






%b 



H I) 



[<p] 



tb 



lb 



ip^ib 



We have two rules for _L, both of which eliminate _L, but introduce a for- 
mula. 



h^] 

U : 

(U) - U (RAA) ■ 

^ U 

-RAA 

‘P 

As usual is used here as an abbreviation for — >_L’. 

The rules for A are evident: if we have ip and ib may conclude ip A ip, 
and if we have p A tp we may conclude p (or tp) . The introduction rule for 
implication has a different form. It states that, if we can derive ip from p 
(as a hypothesis), then we may conclude p ^ ip (without the hypothesis p). 
This agrees with the intuitive meaning of implication: p ^ ip means “ip fol- 
lows from . We have written the rule (^ I) in the above form to suggest a 
derivation. The notation will become clearer after we have defined derivations. 
For the time being we will write the premises of a rule in the order that suits 
us best, later we will become more fastidious 

The rule (^ E) is also evident on the meaning of implication. If p is given 
and we know that ip follows from p, then we have also ip. The falsum rule, (_L), 
expresses that from an absurdity we can derive everything (ex falso sequitur 
quodlibet), and the reductio ad absurdum rule , (RAA), is a formulation of 
the principle of proof by contradiction : if one derives a contradiction from 
the hypothesis ~^p, then one has a derivation of p (without the hypothesis 
~^p, of course). In both (— *■ I) and (RAA) hypotheses disappear, this is in- 
dicated by the striking out of the hypothesis. We say that such a hypothesis 
is cancelled. Let us digress for a moment on the cancellation of hypotheses. 
We first consider implication introduction. There is a well-known theorem in 
plane geometry which states that “if a triangle is isosceles, then the angles 
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opposite the equal sides are equal to one another” (Euclid’s Elements, Book I, 
proposition 5). This is shown as follows: we suppose that we have an isosceles 
triangle and then, in a number of steps, we deduce that the angles at the 
base are equal. Thence we conclude that the angles at the base are equal if the 
triangle is isosceles. 

Query 1: do we still need the hypothesis that the triangle is isosceles? Of 
course not! We have, so to speak, incorporated this condition in the state- 
ment itself. It is precisely the role of conditional statements, such as “if it 
rains I will use my umbrella” , to get rid of the obligation to require (or verify) 
the condition. In abstracto: if we can deduce using the hypothesis ip, then 

> '0 is the case without the hypothesis tp (there may be other hypotheses, 
of course). 

Query 2: is it forbidden to maintain the hypothesis? Answer: no, but it 
clearly is superfluous. As a matter of fact we usually experience superfluous 
conditions as confusing or even misleading, but that is rather a matter of the 
psychology of problem solving than of formal logic. Usually we want the best 
possible result, and it is intuitively clear that the more hypotheses we state 
for a theorem, the weaker our result is. Therefore we will as a rule cancel as 
many hypotheses as possible. 

In the case of reductio ad absurdum we also deal with cancellation of hy- 
potheses. Again, let us consider an example. 

In analysis we introduce the notion of a convergent sequence (a„) and sub- 
sequently the notion “a is a limit of (a„)”. The next step is to prove that for 
each convergent sequence there is a unique limit; we are interested in the part 
of the proof that shows that there is at most one limit. Such a proof may run 
as follows: we suppose that there are two distinct limits a and o', and from 
this hypothesis, a yf o', we derive a contradiction. Conclusion: a = a' . In this 
case we of course drop the hypothesis a a', this time it is not a case of being 
superfluous, but of being in conflict! So, both in the case (^ I) and of (RAA), 
it is sound practice to cancel all occurrences of the hypothesis concerned. 

In order to master the technique of Natural Deduction, and to get familiar 
with the technique of cancellation, one cannot do better than to look at a few 
concrete cases. So before we go on to the notion of derivation we consider a 
few examples. 



I 



AE 

tjj 

Ip A p 



[pApj]^ 

AE 




II 



T 

(y, ^ -L) ^ -L 
^ ^ -L) ^ -L) 



if /\ ij) ^ tj) f\ if 



h 
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bA'0]^ 

A\E 

[(^A'0] ^ [ip ^ {i) ^ a)f 

^E > E 

th lb — > <7 

III > E 

a 

>h 

p Alp ^ a 

> I 2 

{p ^ {ip ^ a)) ^ {p Alp ^ a) 

If we use the customary abbreviation ^—<p’ for ^p ^_L’, we can bring some 
derivations into a more conveirieirt form. (Recall that ~^p and p — *-_L, as giveir 
in 1.2, are semantically equivaleirt). We rewrite derivatioir II usiirg the abbre- 
viation: 






E 



II' 



np 



ip > — 1 — 1 (^ 

In the following example we use the iregatioir sign and also the bi-implicatioir; 
p ip ior {p ^ ip) A {ip ^ p). 



[ip]i ^ ^ 



■ f\E 



■ E 






[ip ^ ^ipf 
W? ip ^ ^ip 



■ f\E 



■ E 



IV 



_L 



[ip ^ ^ipY 






- r\E 



I 2 



h 



■i{ip ^ ^ip) 



The examples show us that derivations have the form of trees. We show 
the trees below: 
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One can just as well present derivations as (linear) strings of propositions: we 
will stick, however, to the tree form, the idea being that what comes naturally 
in tree form should not be put in a linear straight-jacket. 

We now shave to define the notion of derivation in general. We will use an 
inductive definition to produce trees. 



Notation 
V V 



if 



(p p 



V V V 

, are derivations with conclusions , then p , P p' 



tp 

are derivations obtained by applying a derivation rule to p (and 

i’ 

The cancellation of a hypothesis is indicated as follows: if P is a 



p and p'). 
derivation 



V . 

with hypothesis tp, then ^ is a derivation with ip cancelled. 

a 



With respect to the cancellation of hypotheses, we note that one does 
not necessarily cancel all occurrences of such a proposition ip. This clearly 
is justified, as one feels that adding hypotheses does not make a proposition 
underivable (irrelevant information may always be added). It is a matter of 
prudence, however, to cancel as much as possible. Why carry more hypotheses 
than necessary? 

Furthermore one may apply (— > I) if there is no hypothesis available for 

cancellation e.g. ^ ? is a correct derivation, using just {-^ I). To sum 

ip^y 

it up: given a derivation tree of tp (or T), we obtain a derivation tree oi p ^ ip 
(or p) at the bottom of the tree and striking out some (or all) occurrences, if 
any, of p (or —‘p) on top of a tree. 

A few words on the practical use of natural deduction: if you want to give a 
derivation for a proposition it is advisable to devise some kind of strategy, just 
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like in a game. Suppose that you want to show [ip /\ ij) ^ a] ^ [ip ^ {i!) ^ <j)] 
(Example III), then (since the proposition is an implicational formula) the 
rule (— > I) suggests itself. So try to derive p ^ {ijj ^ cr) from p f\ijj ^ a. 

Now we know where to start and where to go to. To make use oi p /\i!) ^ a 
we want pAijj (for (^ E)), and to get p (pjj —f a) we want to derive ip ^ a 
from p. So we may add p as a, hypothesis and look for a derivation oi ip ^ a. 
Again, this asks for a derivation of cr from ip, so add ip as a hypothesis and 
look for a derivation of cr. By now we have the following hypotheses available: 
p A Ip —>■ a, p and ip. Keeping in mind that we want to eliminate A '0 it is 
evident what we should do. The derivation III shows in detail how to carry 
out the derivation. After making a number of derivations one gets the practi- 
cal conviction that one should first take propositions apart from the bottom 
upwards, and then construct the required propositions by putting together 
the parts in a suitable way. This practical conviction is confirmed by the Nor- 
malization Theorem, to which we will return later. There is a particular point 
which tends to confuse novices: 



W\ bT\ 



and 



T 

^p 






RAA 



look very much alike. Are they not both cases of Reductio ad absurdum? As a 
matter of fact the leftmost derivation tells us (informally) that the assumption 
of p leads to a contradiction, so p eannot he the ease. This is in our termi- 
nology the meaning of “not p''\ The rightmost derivation tells us that the 
assumption of ^p leads to a contradiction, hence (by the same reasoning) ~^p 
cannot be the case. So, on account of the meaning of negation, we only would 
get It is by no means clear that —•^p is equivalent to p (indeed, this 

is denied by the intuitionists), so it is an extra property of our logic. (This 
is confirmed in a technical sense: ~^^p —^pis not derivable in the system 
without RAA. 

We now return to our theoretical notions. 



Definition 1.4.1 The set of derivations is the smallest set X sueh that 
(1) The one element tree p belongs to X for all p £PROP. 



V V' 

(2A) If , & X, then 

p p' 



V V' 
p p' G X. 



p Ap 
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V 

If G X , then 

(fi Atp 



V V 

(fi A tjj , (fi A G X . 

(fi 



(2^) IfT) G X, then 



[<^] 

V 



G X. 



V V 

V V' 

If , ^ X, then ip ip ^ if G X . 

p p — > Ip 

if 



(2±) If 



V 



G X , then 



V 



G X. 



-^p 

V 

If V ^ X, then G X. 



The bottom formula of a derivation is called its conclusion . Since the class 
of derivations is inductively defined, we can mimic the results of section 1.1. 

E.g. we have a principle of induction on T>: let A be a property. If A(T>) 
holds for one element derivations and A is preserved under the clauses (2A), 
(2 and (2 _L), then A{fD) holds for all derivations. Likewise we can define 
mappings on the set of derivations by recursion (cf. Exercises 6, 7, 9). 



Definition 1.4.2 The relation T \- p between sets of propositions and propo- 
sitions is defined by: there is a derivation with conclusion p and with all 
(uncancelled) hypotheses in T. (See also exercise 6). 

We say that p is derivable from T. Note that by definition T may contain 
many superfluous “hypotheses” . The symbol h is called turnstile . 

nr = 0, we write h p, and we say that is a theorem. 

We could have avoided the notion of ‘derivation’ and taken instead the 
notion of ‘derivability’ as fundamental, see Exercise 10. The two notions, how- 
ever, are closely related. 
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Lemma 1.4.3 (a) F \- ip if ip £ F, 

(b) Fh ip,F' h ^ FU F' h ip A fj, 

(c) F \- ip A tp ^ F \- ip and F \- fi, 

(d) FUp\-ip^F\-p^'ijj, 

(e) F ^ p, F' ^ p ^ ^ F U F' ^ fj, 

(f) F^F^F^p, 

(g) r U {^p} 'r F 'r p. 

Proof. Immediate from the definition of derivation. □ 

We now list some theorems. ^ and are used as abbreviations. 



Theorem 1.4.4 (1) \~ p ^ {tp ^ p), 

(2)\- p^ (-<p tp), 

fSj h (p ^ ip) ^ [{ip ^a)^{p^ cr)], 

(4) 'r {p^ip) ^ {-^ip -np), 

(5) \ — '->(/? p^ 

(6) ^ [p ^ {ip ^ a)\ [p Alp ^ cr], 

(7) h _L A “'</?)• 

Proof. 



1 . 




ip^p 



p^ {iP^p) 



h 



— ± 

2 . ip 



E 



-ip — > Ip 



h 



p^ {-^p^ Ip) 



h 



3. 



[pY [p^tpf 

ip 



E 



[iP 



E 



h 



(f ^ a 



{ip^ a) ^ {p^ a) 



{p^iP) ^ {{iP ^ a) ^ {p^ cr)) 



h 



4. For one direction, substitute _L for cr in 3, then \- {p ^ ip) ^ {-^ip ~^p)- 

Conversely: 
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hV']' 



h'0 ^ 






± 

- RAAi 

iP 






h 



{^ijj ~^ip) 



4 E 



h 



V V 

So now we have ((p —> ip) —>■ {—>ip -^p) {—^ip —^p) —>• (p ^ ip) 

(p^ip) ^ {-^ip ^ ~^p) 

5. We already proved p ~^^p as an example. Conversely: 

h^]l 



AI 



± 

-RAAi 

P 

-.p^p 



E 



h 



The result now follows. The numbers 6 and 7 are left to the reader. □ 

The system, outlined in this section, is called the “calculus of natural 
deduction” for a good reason. That is: its manner of making inferences corre- 
sponds to the reasoning we intuitively use. The rules present means to take 
formulas apart, or to put them together. A derivation then consists of a skilful 
manipulation of the rules, the use of which is usually suggested by the form 
of the formula we want to prove. 

We will discuss one example in order to illustrate the general strategy of 
building derivations. Let us consider the converse of our previous example III. 

To prove {p f\ ip ^ a) ^ [p ^ [ip ^ cr)] there is just one initial step: 
assume p Aip —>■ a and try to derive p ^ {ip> ^ a). Now we can either look at 
the assumption or at the desired result. Let us consider the latter one first: to 
show </?—>('(/>—> (t), we should assume p and derive ip ^ a, but for the latter 
we should assume ip and derive a. 

So, altogether we may assume pAip^a and p and ip. Now the procedure 
suggests itself: derive p A ip from p and ip, and a from p A ip and p A ip ^ a. 

Put together, we get the following derivation: 
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li’V 



M 



If Alp [(fi Atp ^ O']" 



E 



tp ^ a 



h 



{tp^ a) 



h 



{if Alp ^ a) ^ {if ^ (pip ^ cr)) 



Had we considered ip A ip ^ a first, then the only way to proceed is to 
add ip Alp and apply — *■ E. Now p A ip either remains an assumption, or it is 
obtained from something else. It immediately occurs to the reader to derive 
p A Ip from p and ip. But now he will build up the derivation we obtained 
above. 

Simple as this example seems, there are complications. In particular the 
rule of reductio ad absurdum is not nearly as natural as the other ones. Its 
use must be learned by practice; also a sense for the distinction between 
constructive and non- constructive will be helpful when trying to decide on 
when to use it. 

Finally, we recall that T is an abbreviation for ^_L (i.e. _L — *■ _L). 



Exercises 

1. Show that the following propositions are derivable. 

{a)p^p, (d) {p ^ Ip) ^ ^{p A^ip), 

(b) p, (e) {p Alp) ^ ^{p ^ ^ip), 

(c) ^{p A ^p), if) p^ {ip^{pA Ip)). 

2. Idem for (a) {p — > ~^p) — > ~^p, 

(b) [p ^ {ip ^ a] ^ [ip ^ {p ^ cr], 

(c) {p^ip) A{p^ ~^ip) -‘p, 

{d) {p^lp) ^ [{p ^ {ip^ cr)) ^{p^ cr)]. 

3. Show (a) p I — '{~^p Alp), {d) \~ p ^ \~ ip —>■ p, 

{b) ~^{p A -<ip),p h Ip, (e) ~^p \- p —>■ Ip. 

(c) -^p\- {p^ip) ^ ~^p, 

4. Show h \{p ^ip)^ {p^ cr)] ^ \{p ^ {ip^ cr))], 

h {{p ^ iP) ^ p) ^ p. 

5. Show r\-p^rLlA\-p, 

r\- p; A, p\-ip^ruA\- Ip. 



40 



1 Propositional Logic 



6. Give a recursive definition of the function Hyp which assigns to each 
derivation V its set of hypotheses Hyp{T>) (this is a bit stricter than the 
notion in definition 1.4.2, since it the smallest set of hypotheses, i.e. hy- 
potheses without ‘garbage’). 

7. Analogous to the substitution operator for propositions we define a sub- 
stitution operator for derivations. T>[ip/p] is obtained by replacing each 
occurrence of p in each proposition in T> by ip. Give a recursive defini- 
tion of Vlip/p], Show that V[ip/p] is a derivation if V is one, and that 
r h a r[(p/p] h a[ip/p\. Remark: for several purposes finer notions of 
substitution are required, but this one will do for us. 

8. (Substitution Theorem) h ^ <^ 2 ) — > {4>Ypi/p] ^ 4’VP2/p])- 

Hint: use induction on i!)] the theorem will also follow from the Substitu- 
tion Theorem for |=, once we have established the Gompleteness Theorem. 

9. The size, s{T>), of a derivation is the number of proposition occurrences 
in V. Give an inductive definition of s(T>). Show that one can prove prop- 
erties of derivations by it induction on the size. 

10. Give an inductive definition of the relation h (use the list of Lemma 1.4.3), 
show that this relation coincides with the derived relation of Defini- 
tion 1.4.2. Gonclude that each F with F \- p contains a finite A, such 
that also A\- p 

11. Show (a) h T, 

(b) \- p \- p ^ T , 

(c) I — 'p zp- \- p <->_L . 

1.5 Completeness 

In the present section we will show that “truth” and “derivability” coincide, to 
be precise: the relations ” and “h” coincide. The easy part of the claim is: 
“derivability” implies “truth”; for derivability is established by the existence 
of a derivation. The latter motion is inductively defined, so we can prove the 
implication by induction on the derivation. 



Lemma 1.5.1 (Soundness) F \- p P F \= p. 

Proof. Since, by definition 1.4.2, F \- p iS there is a derivation T> with all its 
hypotheses in F, it suffices to show: for each derivation T> with conclusion p 
and hypotheses in F we have F \= p. We now use induction on T>. 
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(basis) If V has one element, then evidently (p G F. The reader easily sees 
that r \= ip. 

V V 

(a I) Induction hypothesis: ^ and are derivations and for each T, F' 

containing the hypotheses of V, T>\ F \= ip, F' \= ip' . 

V V 

Now let F" contain the hypotheses of ip ip' 

ip A ip' 

Choosing F and F' to be precisely the set of hypotheses of V, T>' , we see 
that F" DFUF'. 

So F" 1= ip and F" |= p' . Let = 1 for all '0 G F" , then = 
= 1, hence \p A p'\y = 1. This shows F" \= p A p' . 

V 

(a E) Induction hypothesis: For any F containing the hypotheses of ^ ^ 

V 

we have F \= p Aij). Consider a F containing all hypotheses oi p At!) and 

‘P 

V 

A 0 . It is left to the reader to show F \= p and T |= 0. 

0 



P 

(—t I) Induction hypothesis: for any F containing all hypotheses of T> , 

0 

[^] 

V 

F \= tp. Let F' contain all hypotheses of ^ . Now F' {p} con- 

p^ip 



<P 

tains all hypotheses of T) , so if |(^] = 1 and |x] = 1 for all x in T', then 
0 

10] = 1. Therefore the truth table of ^ tells us that > 0| = 1 if all 
propositions in F' have value 1. Hence F' \= p ijj. 



(— > E) An exercise for the reader. 

V 

(T) Induction hypothesis: For each F containing all hypotheses of , T |=T. 

Since |T| = 0 for all valuations, there is no valuation such that |0| = 1 for 

V 

all tjj G F. Let F' contain all hypotheses of T and suppose that F' p^ 

P 

then 10] = 1 for all ip G F' and |:p| = 0 for some valuation. Since F' 
contains all hypotheses of the first derivation we have a contradiction. 
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(RAA). Induction hypothesis: for each F containing all hypotheses of 

h^] 

V 

V , we have A |= A. Let F' contain all hypotheses of and suppose 
A 

F' ^ then there exists a valuation such that 1-0] = 1 for all tjj G F' 
and |(/j] = 0, i.e. = 1. But F” = F' Li contains all hypotheses 

of the first derivation and 1-0] = 1 for all ip G F" . This is impossible since 
F" ^A. Hence F' ^ ip. □ 

This lemma may not seem very impressive, but it enables us to show that 
some propositions are not theorems, simply by showing that they are not tau- 
tologies. Without this lemma that would have been a very awkward task. We 
would have to show that there is no derivation (without hypotheses) of the 
given proposition. In general this requires insight in the nature of derivations, 
something which is beyond us at the moment. 

Examples . 1/ poi ^ (if ^ ip) —>■ if /\ ip- 

In the first example take the constant 0 valuation. |po] = 0, so ^ po and 
hence 1/ po- In second example we are faced with a meta proposition (a 
schema); strictly speaking it cannot be derivable (only real propositions can 
be) . By \- {ip ^ ip) ^ ip A ip we mean that all propositions of that form (ob- 
tained by substituting real propositions for (p and ip, if you like) are derivable. 
To refute it we need only one instance which is not derivable. Take (p = ip = pq. 
In order to prove the converse of Lemma 1.5.1 we need a few new notions. 
The first one has an impressive history; it is the notion of freedom from con- 
tradiction or consistency. It was made the cornerstone of the foundations of 
mathematics by Hilbert. 



Definition 1.5.2 A set F of propositions is consistent if F \/F. 

In words: one cannot derive a contradiction from F. The consistency of F 
can be expressed in various other forms: 



Lemma 1.5.3 The following three conditions are equivalent: 

(i) F is consistent, 

(a) For no ip, F \- ip and F I — up, 

(Hi) There is at least one ip such that F [/ ip 

Proof. Let us call F inconsistent if F hA, then we can just as well prove the 
equivalence of 

(iv) F is inconsistent, 

(v) There is a p such that F \- ip and F I — up, 

(vi) F \- ip for all ip. 
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(iv) =l> (vi) Let F h_L, i.e. there is a derivation T> with conclusion _L and 
hypotheses in F. By (_L) we can add one inference, _L h to V, so that F \- Lp. 
This holds for all if. 

(vi) (v) Trivial. 

(v) ^(iv) Let F \- If and F I — •^f. From the two associated derivations one 

obtains a derivation for F FT by (— > E). □ 

Clause (vi) tells us why inconsistent sets (theories) are devoid of mathe- 
matical interest. For, if everything is derivable, we cannot distinguish between 
“good” and “bad” propositions. Mathematics tries to find distinctions, not to 
blur them. 

In mathematical practice one tries to establish consistency by exhibiting 
a model (think of the consistency of the negation of Euclid’s fifth postulate 
and the non-euclidean geometries). In the context of propositional logic this 
means looking for a suitable valuation. 



Lemma 1.5.4 If there is a valuation such that |'0]„ = 1 for all if G F, then 
F is consistent. 

Proof. Suppose F FT, then by Lemma 1.5.1 F ^T, so for any valuation v 
[(V’)lt' = 1 for all '0 G F |T]„ = 1. Since |T]„ = 0 for all valuations, 
there is no valuation with 1-0]^ = 1 for all 0 G F. Contradiction. Hence F is 
consistent. 

□ 

Examples. 

1. P 2 } is consistent. A suitable valuation is one satisfying 

bo] = 1, bil = 0. 

2- {PoiPi, ■ ■ •} is consistent. Choose the constant 1 valuation. 

Clause (v) of Lemma 1.5.3 tells us that F U is inconsistent. Now, 

how could F U be inconsistent? It seems plausible to blame this on the 

derivability of f. The following confirms this. 



Lemma 1.5.5 (a) FU {^f} is inconsistent F F 

(b) F U {f\ is inconsistent F I — <f. 



Proof. The assumptions of (a) and (b) yield the two derivations below: with 
conclusion T. By applying (i?AA), and (— *■ /), we obtain derivations with 
hypotheses in F, of f, resp. ^f. 



V 

T 

— RAA 

F 



[f] 

V 






I 



□ 
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Definition 1.5.6 A set F is maximally consistent iff 

(a) r is consistent, 

(b) r C r' and F' consistent ^ F = F' . 



Remark. One could replace (b) by (b’): if O is a proper subset of F', then F' 



is inconsistent. I.e., by just throwing in one extra proposition, the set becomes 
inconsistent. 

Maximally consistent sets play an important role in logic. We will show 
that there are lots of them. 

Here is one example: F = = 1} for a fixed valuation. By 

Lemma 1.5.4 F is consistent. Consider a consistent set F' such that F C F' . 
Now let ijj € F’ and suppose |i/^] = 0, then |-n/;] = 1, and so -^ijj S F. 

But since F C F' this implies that F' is inconsistent. Contradiction. 
Therefore |'0] = 1 for all ijj € F', so by definition F = F' . From the proof 
of Lemma 1.5.11 it follows moreover, that this basically is the only kind of 
maximally consistent set we may expect. 

The following fundamental lemma is proved directly. The reader may 
recognise in it an analogue of the Maximal Ideal Existence Lemma from ring 
theory (or the Boolean Prime Ideal Theorem), which is usually proved by an 
application of Zorn’s Lemma. 

Lemma 1.5.7 Each consistent set F is contained in a maximally consistent 
set F* . 

Proof. There are countably many propositions, so suppose we have a list 

of all propositions (cf. Exercise 5). We define a non-decreasing 

sequence of sets Ti such that the union is maximally consistent. 



(a) Fn is consistent for all n. 

Immediate, by induction on n. 

(b) F* is consistent. 

Suppose F* FT then, by the definition of T there is derivation of T 
with hypotheses in F*; T> has finitely many hypotheses ijjo, . . . Since 
C* = — 0}, we have for each i < kipi € Fn^ for some Let 

n be max{ni\i < k}, then i/jq, . . . € F^ and hence F„ FT. But Fn is 

consistent. Contradiction. 

(c) F* is maximally consistent. Let F* C A and A consistent. Iftjj G A, then 

^ for some m. Since F^ C F* Q A and A is consistent, Fm U {<fm\ 

is consistent. Therefore Fm+i = Cm U i.e. ^Pm F Fm+i C F* . This 

shows F* = A. □ 



r* = I n > 0}. 
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Lemma 1.5.8 If F is maximally consistent, then F is closed under derivahil- 
ity (i.e. F \- ip ^ ip G F). 

Proof. Let F \- (p and suppose ip ^ F. Then T U {f^} must be inconsistent. 
Hence F I — up, so F is inconsistent. Contradiction. □ 



Lemma 1.5.9 Let F be maximally consistent; then 

(a) for all ip either ip G F, or ~^ip G F, 

(b) for all ip, if ip^ipGF 4^ (ip GF^i/jGF). 

Proof, (a) We know that not both ip and ~^ip can belong to F. Consider F' = 
TU {(/?}. If F' is inconsistent, then, by 1.5.5, 1.5.8, -'ip G F. If F' is consistent, 
then ip G F hy the maximality of F. 

(b) Let ip ^ ijj G F and ip G F. To show: ip G F. Since ip,ip ^ ip G F and 
since F is closed under derivability (Lemma 1.5.8), we get ip G F hy ^ E. 

Conversely: let ip G F ^ipGF.liipGF then obviously F \- ip, so 
Fhp^ip.liip^F, then ^ip G F, and hence F I — up. Therefore F \- ip ^ ip. 

□ 

Note that we automatically get the following: 



Corollary 1.5.10 If F is maximally consistent, then ip G F —up F , 

and ~^ip G F 4^ ip ^ F. 

Lemma 1.5.11 If F is consistent, then there exists a valuation such that 

IV'l = 1 for all Ip G F. 

Proof.{a) By 1.5.7 F is contained in a maximally consistent F* 

(b) Define v{pi) = 

and extend v to the valuation | ]„. 

Claim: |(^] = 1 ip G F* . Use induction on ip. 

1. For atomic ip the claim holds by definition. 

2. ip = Ip A a. |v3]„ = 1 = |ct]„ = 1 (induction hypothesis) 

ip,a G F* and so ip G F*. Conversely ip A a G F* ip,a G F* 

(1.5.8). The rest follows from the induction hypothesis. 

3. p = Ip ^ a. IV' cr]„ = 0 |V']„ = 1 and |cr].u = 0 (induction 

hypothesis) ip G F* and a^F*^ip^a^F* (by 1.5.9). 

(c) Since F C F* we have |V']u = 1 for all ip G F. □ 

Corollary 1.5.12 F 1/ p there is a valuation such that IV’l = 1 for all 

iPGFandlp]=0. 



I lifp^GF* 
\ 0 else 
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Proof, r \/ (fi ^ r U {^if} consistent there is a valuation such that 1-0] = 1 
for all 0 € -T U {“'V?}, or |0] = 1 for all 0 S and |(^] = 0. □ 



Theorem 1.5.13 (Completeness Theorem) P \- ip P \= ip . 

Proof. P\/ip^P^iphy 1.5.12. The converse holds by 1.5.1. □ 

In particular we have h ^ so the set of theorems is exactly the set 
to tautologies. 

The Completeness Theorem tells us that the tedious task of making deriva- 
tions can be replaced by the (equally tedious, but automatic) task of checking 
tautologies. This simplifies, at least in theory, the search for theorems consid- 
erably; for derivations one has to be (moderately) clever, for truth tables one 
has to possess perseverance. 

For logical theories one sometimes considers another notion of complete- 
ness: a set P is called complete if for each ip, either P \- ip, or P \ up. This 

notion is closely related to “maximally consistent”. From Exercise 6 it fol- 
lows that Cons{P) = {o\P h a} {the set of consequences of P) is maximally 
consistent if F is a complete set. The converse also holds (cf. Exercise 10). 
Propositional logic itself (i.e. the case F = 0) is not complete in this sense, 
e.g. l/po and 1/ ^po- 

There is another important notion which is traditionally considered in 
logic: that of decidability. Propositional logic is decidable in the following 
sense: there is an effective procedure to check the derivability of propositions 
ip. Put otherwise: there is an algorithm that for each ip tests if h ip. 

The algorithm is simple: write down the complete truth table for ip and check 
if the last column contains only I’s. If so, then |= p and, by the Completeness 
Theorem, h p. If not, then ^ p and hence 1/ p. This is certainly not the 
best possible algorithm, one can find more economical ones. There are also 
algorithms that give more information, e.g. they not only test h p, but also 
yield a derivation, if one exists. Such algorithms require, however, a deeper 
analysis of derivations. This falls outside the scope of the present book. 

There is one aspect of the Completeness Theorem that we want to discuss 
now. It does not come as a surprise that truth follows from derivability. After 
all we start with a combinatorial notion, defined inductively, and we end up 
with ‘being true for all valuations’. A simple inductive proof does the trick. 

For the converse the situation is totally different. By definition P \= p 
means that |p]„ = 1 for all valuations v that make all propositions of F true. 
So we know something about the behaviour of all valuations with respect to 
F and p. Can we hope to extract from such infinitely many set theoretical 
facts the finite, concrete information needed to build a derivation for P \- p7 
Evidently the available facts do not give us much to go on. Let us therefore sim- 
plify matters a bit by cutting down the F ; after all we use only finitely many 
formulas of F in a derivation, so let us suppose that those formulas 0i, . . . , 0„ 
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are given. Now we can hope for more success, since only finitely many atoms 
are involved, and hence we can consider a finite “part” of the infinitely many 
valuations that play a role. That is to say only the restrictions of the valuations 
to the set of atoms occurring in '0i, are relevant. Let us simplify the 

problem one more step. We know that tpi, ... ,iljn b ‘P (V'l) • • ■ i V'n p) can 
be replaced by h i/)! A . . . A ^ p{\= '0i A . . . A — > </?), on the ground of 
the derivation rules (the definition of valuation). So we ask ourselves: given 
the truth table for a tautology ct, can we effectively find a derivation for cr? 
This question is not answered by the Completeness Theorem, since our proof 
of it is not effective (at least not prima facie so). It has been answered posi- 
tively, e.g. by Post, Bernays and Kalmar (cf. [Kleene 1952] IV, §29) and it is 
easily treated by means of Gentzen techniques, or semantic tableaux. We will 
just sketch a method of proof: we can effectively find a conjunctive normal 
form a* for a such that h cr ^ cr*. It is easily shown that cr* is a tautology 
iff each conjunct contains an atom and its negation, or ^ T, and glue it all 
together to obtain a derivation of cr*, which immediately yields a derivation 
of cr. 

Exercises 

1. Check which of the following sets are consistent. 

(a) {^pi Ap 2 ^Po,Pi (^Pi ^P 2 ),Po ^ ^P 2 }, 

(b) {po Pl,Pl P 2 ,P 2 P3,P3 ^Po}, 

(c) {po ^ Pl,P 0 Ap 2 ^ Pi AP3,P0 Ap 2 Ap4 ^ Pi AP3 Aps, . . .}. 

2. Show that the following are equivalent: 

(a) {pi, . . ., pn} is consistent. 

(b) 1/ ^(pi A p2 A . . .p„). 

(c) 1/ Pi A p 2 A ... A p„_i ^ ^p„. 

3. p is independent from T if T 1/ p and F \f ^p. Show that: pi — *■ pi is 
independent from {pi ^ pQ A ^P 2 ,P 2 — *■ Po}- 

4. A set F is independent if for each p S T F — {p| 1/ p. 

(a) Show that each finite set F has an independent subset A such that 
Z\ h p for all p € T. 

(b) Let F = {po,pi,p 2 , • . .}. Find an equivalent set F' = {'0o,'0i, • ■ ■} 
(i.e. F h tpi and F' h p^ for all i) such that h '0n-i-i ^ ipn, but 
\/ il^n ^ 4>n+i- Note that F' may be finite. 

(c) Consider an infinite F' as in (b). Define ao = ipo, c^n+i = 'i’n ^ i^n+i- 
Show that Z\ = {cTo, (Ti, (72, . . .} is independent and equivalent to F'. 

(d) Show that each set F is equivalent to an independent set A. 

(e) Show that A need not be a subset of F (consider {po,po Api, 

Po Api Ap 2 ,...}). 
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5. Find an effective way of enumerating all propositions (hint: consider sets 
Fn of all propositions of rank < n with atoms from po, . . . ,pn). 

6. Show that a consistent set F is maximally consistent if either p G F oy 

€ F for all p. 

7. Show that {po,Pi,P 2 , ■ ■ ■ ■ • ■} is complete. 

8. {Compactness Theorem). Show : there is a t; such that = 1 for all 
tjj G F ^ for each finite subset A C F there is a n such that |(t]„ = 1 for 
all a G A. 

Formulated in terms of Exercise 13 of 1.3: |F] ^ 0 if |Z\] ^ 0 for all finite 
ACF. 

9. Consider an infinite set {pi,p 2 ,P 3 , ■ ■ ■}■ If for each valuation there is an 
n such that \pn\ = 1, then there is an m such that h V . . . V pm- (Hint: 
consider the negations ~^pi,^p 2 ■ ■ ■ and apply Exercise 8) . 

10. Show: Cons(F) = {a\F h a} is maximally consistent F is complete. 

11. Show: F is maximally consistent there is a unique valuation such that 
|'0] = 1 for all V' G r, where F is a theory, i.e. F is closed under h 
(F h cr ^ cr e F) . 

12. Let p he & proposition containing the atom p. For convenience we write 
p{o') for p[a/p\. As before we abbreviate ^ F by T. 

Show: (i) :^(T) h (/^(T) ^ T and V?(T) h (/j((^(T)). 

{a) ~^p{T) h v?(T) 

</5(p),-’F(T) bp ^F, 

b </?(‘/j(T)). 

{in) p{p) b :p(:p(T)). 

13. If the atoms p and q do not occur in ip and p respectively, then 

1= p{p) ^ Ip ^ \= p{a) —>■ Ip for all cr, 

\= p ^ ip{q) ^ \= p ^ '0(o') for fol rr. 

14. Let \- p ^ Ip. We call a an interpolant if b p — > cr and \- a —>■ ip, and more- 
over a contains only atoms common to p and ip. Consider p{p,r),ip{r,q) 
with all atoms displayed. Show that p{p{T ,r),r) is an interpolant (use 
Exercise 12, 13). 

15. Prove the general Interpolation Theorem (Craig): For any p, ip with \- p ^ 
Ip there exists an interpolant (iterate the procedure of Exercise 13). 
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1.6 The Missing Connectives 

The language of section 1.4 contained only the connectives A, — > and _L. We 
already know that, from the semantical point of view, this language is suffi- 
ciently rich, i.e. the missing connectives can be defined. As a matter of fact we 
have already used the negation as a defined notion in the preceding sections. 

It is a matter of sound mathematical practice to introduce new notions if 
their use simplifies our labour, and if they codify informal existing practice. 
This, clearly, is a reason for introducing -i, <-> and V. 

Now there are two ways to proceed: one can introduce the new connectives 
as abbreviations (of complicated propositions), or one can enrich the language 
by actually adding the connectives to the alphabet, and providing rules of 
derivation. 

The first procedure was adopted above; it is completely harmless, e.g. 
each time one reads (p if), one has to replace it by {ip —>■ 'ip) ^ f)- 

So it is nothing but a shorthand, introduced for convenience. The second 
procedure is of a more theoretical nature. The language is enriched and the set 
of derivations is enlarged. As a consequence one has to review the theoretical 
results (such as the Completeness Theorem) obtained for the simpler language. 

We will adopt the first procedure and also outline the second approach. 



Definition 1.6.1 pWtjj := A -ii/j) , 

:= p 

p ^ Ip := (p —>■ tp) A {ip —>■ p) . 

N.B. This means that the above expressions are not part of the language, but 
abbreviations for certain propositions. 

The properties of V, ^ and are given in the following: 



Lemma 1.6.2 (i) p\-p\/ip, iphpWip, 

(a) r,p\- a and r,ip\~a^r, p\/ip\-a, 

(iii) p, ~^p bT, 

( iv) r, p hT=^ r I — ip, 

(v) p ip,p\- Ip and p ip,ip\- p, 

(vi) r, p \- Ip and F,ip \~ p ^ F \- p ip . 

Proof. The only non-trivial part is {ii). We exhibit a derivation of cr from F 
and py Ip (i.e. ~<{^p A ~iip)), given derivations T>i and T>2 oi F,p \- a and 
F,ip \- a. 
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T>i T>2 



>h 



E 



a MOT 



E 



i(/3 A -^ip 



>h 

—lib 

AJ 



a -lip) 



E 



± 

-RAA 3 

a 



The remaining cases are left to the reader. □ 

Note that (i) and (ii) read as introduction and elimination rules for V, (in) 
and {iv) as ditto for (vi) and (w) as ditto for <->. 

They legalise the following shortcuts in derivations: 

1‘p] [V'] 



ip\/ Ip a a 

\JE 

a 

W] 



T 

— ~^I 



T 









(pV Ip 



■VI 



w 



ipV Ip 



VI 



[A [^] 

ip ip 



p p ■ 



ip 



ip 



Ip p ^ Ip 



E 



p Ip 



I 
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Consider for example an application 


of yE 










Vx 


V2 


py Ip 


a 


a 



a 



This is a mere shorthand for 






T>i T>2 



_L 

— 1 



_L 

—lip 



2 



A -Tip) 



■^^p A -lip 



1 



_L 

-3 

a 



The reader is urged to use the above shortcuts in actual derivations, when- 
ever convenient. As a rule, only V/ and VA are of importance, the reader has 
of course recognised the rules for ^ and <-> as slightly eccentric applications 
of familiar rules. 

Examples, h {ip A ip) \/ a ^ {ip\J a) A {ip \f a). 



[ipAipY 




{ip Aip)y a ip\J <7 p\J (j 

ip\/ a 



[ip A ipf 
iP 

{p Aip)y a ipy a 
ipy (j 




{py a) A {ip y a) 



( 1 ) 
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Conversely 



((p V (t) A (V’ V a) 



cp V a 



{ip V a) A {ip \/ cr) <p A ip [cr]^ 



Ip y G {<p> Alp) y a {<p> Alp) y G 

1 

{(p Alp) y G 



{p Alp) y G 




{p A Ip) y G 



( 2 ) 



Combining (1) and (2) we get one derivation: 



[{^p A '?/’) V cr] [{ip V cr) A ('0 V a)\ 

V V 

(<^ V cr) A (0 V fj) ((/? A 0) V fj 

(V? A 0) V cr <-!■ (</3 V cr) A (0 V cr) 



\- p\J 




V -i(/5 [Ap\J 



>h 




p V 



E 



[Apy^p)Y 



h ((/5 ^ 0) V (0 ^ 



RAA2 

p V 



4 E 



M' 



V/ 

{p^ip)\f {ip ^ p) [-i((v3 ^ip)y {ip ^ p))f ^ 

± 

— A 

0 

yh 

p^ip 

V7 

{p ^ ip)y {ip ^ p) A{{p ^ Ip) y {ip ^ p))f 



RAA2 



{p ^ ip)y {ip ^ p) 
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I '{(p A '0) — >■ V -10 



M 



n0] 



V “>0)] ~'P> V —I’ll) [-'(-'tp V “>0)] V “10 



_L 

V> 



_L 

0 



0<p A0)] 



if Atjj 



_L 



V “10 



■i((/3 A 0) — >■ “i(/3 V “10 



□ 

We now give a sketch of the second approach. We add V,^ and to 
the language, and extend the set of propositions correspondingly. Next we 
add the rules for V, ^ and listed above to our stock of derivation rules. To 
be precise we should now also introduce a new derivability sign, we will how- 
ever stick to the trusted h in the expectation that the reader will remember 
that now we are making derivations in a larger system. The following holds: 



Theorem 1.6.3 h tp V 0 A 

I — lip ((^ ^-L)- 

h ((/5 0) ^ 0) A (0 ^ 



Proof. Observe that by Lemma 1.6.2 the defined and the primitive (real) con- 
nectives obey exactly the same derivability relations (derivation rules, if you 
wish). This leads immediately to the desired result. Let us give one example. 
p I — i(“i(/5 A “10) and 0 I — A “i0) (1.6.2 (i)), so by Vif we get 
V 0 I — A “10) • ■ . (1) 

Conversely p\- p\J (by V/), hence by 1.6.2 (ii) 

~^{^p A “10) h V 0 ... (2) 

Apply <-> /, to (1) and (2), then h V 0 A “i0). The rest is left to 

the reader. □ 

For more results the reader is directed to the exercises. 

The rules for and ^ capture indeed the intuitive meaning of those 

connectives. Let us consider disjunction: (Vl) : If we know p then we certainly 
know p\/ Ip (we even know exactly which disjunct). The (VE)-rule captures 
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the idea of “proof by cases” : if we know ip V ip and in each of both cases 
we can conclude a, then we may outright conclude cr. Disjunction intuitively 
calls for a decision: which of the two disjuncts is given or may be assumed? 
This constructive streak of V is crudely but conveniently blotted out by the 
identification of ip V ip and A -‘ip). The latter only tells us that p and ip 

cannot both be wrong, but not which one is right. For more information on this 
matter of constructiveness, which plays a role in demarcating the borderline 
between two-valued classical logic and effective intuitionistic logic, the reader 
is referred to Chapter 5. 

Note that with V as a primitive connective some theorems become harder 

to prove. E.g. I A -<p) is trivial, but \- p\/ ~^p is not. The following 

rule of the thumb may be useful: going from non-effective (or no) premises to 
an effective conclusion calls for an application of RAA. 



Exercises 

1 . Show \- p\J Ip ^ Ip \J p ,\- p\/ p p. 

2. Consider the full language £ with the connectives A, — T, <-> V and the 
restricted language C with connectives A, T. Using the appropriate 
derivation rules we get the derivability notions h and . We define an 
obvious translation from C into C \ 

p~^ := p for atomic p 
{pL\ip)'^ := (^+□'0+ for □ = A,^, 

{p V ip)~^ := -‘{-'p'^ A -i(^“''),where^ is an abbreviation, 

[p 0)+ := ((^+ ^ -0+) A ('0+ — > p~^), 

{^p)+ := p+ . 

Show (i) \- p 

{ii) h h' , 

{in) p~^ = pforp S C . 

{iv) Show that the full logic, is conservative over the restricted 
logic, i.e. iorp € £' \~ p ^ p. 

3. Show that the Completeness Theorem holds for the full logic. Hint: use 
Exercise 2. 

4. Show (a) h T V T . 

(6) h T) V (:/? 

(c) h T). 
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5. Show \- {ipy tjj) {{if il)) ^ tp). 

6. Show (a) r is complete {F \- ip V tp F \- ip or F \- tp, for all ip, ip), 

(b) F is maximally consistent 7^ is a consistent theory and for 
all p, Ip {p \/ Ip G F 4^ p G F or Ip G F). 



7. Show in the system with V as a primitive connective 
G (p^ip) ^ {^pWip), 
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Gothic Alphabet 

.(Spcr 

rgfjf 

I ^ c£^ . £( i£i S([Xva>Wm 
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.Xxx^ 
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Predicate Logic 



2.1 Quantifiers 

In propositional logic we used large chunks of mathematical language, namely 
those parts that can have a truth value. Unfortunately this use of language 
is patently insufficient for mathematical practice. A simple argument, such 
as “all squares are positive, 9 is a square, therefore 9 is positive” cannot be 
dealt with. From the propositional point of view the above sentence is of the 
form ip A Ip —>■ a, and there is no reason why this sentence should be true, 
although we obviously accept it as true. The moral is that we have to extend 
the language, in such a way as to be able to discuss objects and relations. In 
particular we wish to introduce means to talk about all objects of the domain 
of discourse, e.g. we want to allow statements of the form “all even numbers 
are a sum of two odd primes” . Dually, we want a means of expressing “there 
exists an object such that ...”, e.g. in “there exists a real number whose 
square is 2” . 

Experience has taught us that the basic mathematical statements are of 
the form “a has the property P” or “a and b are in the relation i?” , etc. Exam- 
ples are: “n is even”, “/ is differentiable”, “3 = 5”, “7 < 12”, “i? is between 
A and C” . Therefore we build our language from symbols for properties, re- 
lations and objects. Furthermore we add variables to range over objects (so 
called individual variables), and the usual logical connectives now including 
the quantifiers V and 3 (for “for all” and “there exists” ) . 

We first give a few informal examples. 

3xP{x) — there is an x with property P, 

yyP{y) — for all y P holds (all y have the 

property P), 

yx3y{x = 2y) — for all x there is a y such that x is 

two times y, 

Ve(e > 0 — > 3n(i < e)) — for all positive e there is an n such 

that i < e, 
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X < y ^ 3z{x < z /\ z < y) — a X < y, then there is a z such that 

X < z and z < y, 

\/x3y(x.y =1) — for each x there exists an inverse y. 

We know from elementary set theory that functions are a special kind of 
relations. It would, however, be in flagrant conflict with mathematical practice 
to avoid functions (or mappings). Moreover, it would be extremely cumber- 
some. So we will incorporate functions in our language. 

Roughly speaking the language deals with two categories of syntactical en- 
tities: one for objects - the terms, one for statements - the formulas. Examples 
of terms are: 17, x, (2 -|- 5) — 7, 

What is the subject of predicate logic with a given language? Or, to put it 
differently, what are terms and formulas about? The answer is: formulas can 
express properties concerning a given set of relations and functions on a fixed 
domain of discourse. We have already met such situations in mathematics; 
we talked about structures, e.g. groups, rings, modules, ordered sets (see any 
algebra text). We will make structures our point of departure and we will get 
to the logic later. 

In our logic we will speak about “all numbers” or “all elements”, but 
not about “all ideals” or “all subsets”, etc. Loosely speaking, our variables 
will vary over elements of a given universe (e.g. the n x n matrices over the 
reals), but not over properties or relations, or properties of properties, etc. 
For this reason the predicate logic of this book is called first-order logic, or 
also elementary logic. In everyday mathematics, e.g. analysis, one uses higher 
order logic. In a way it is a surprise that first-order logic can do so much for 
mathematics, as we will see. A short introduction to second-order logic will 
be presented in chapter 4. 



2.2 Structures 

A group is a (non-empty) set equipped with two operations, a binary one and 
a unary one, and with a neutral element (satisfying certain laws) . A partially 
ordered set is a set, equipped with a binary relation (satisfying certain laws). 
We generalize this as follows: 



Definition 2.2.1 A structure is an ordered sequence 

{A, Ri,. . . , Rn, Fi, . . . , Fm, {ci\i G /}), where A is a non-empty set. R\, . . . , Rn 
are relations on A, Fi, . . . , Fm are functions on A, the Ci {i G I) are elements 
of A (constants). 

Warning. The functions Tj are total, i.e. defined for all arguments; this calls 
sometimes for tricks, as with 0“^ (cf. p. 87). 

Examples. (M, -I-, ,0,1) - the field of real numbers, 

(N, <) - the ordered set of natural numbers. 
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59 



We denote structures by Gothic capitals: 21, 25, £, D, — The script letters 
are shown on page 56. 

If we overlook for a moment the special properties of the relations and 
operations (e.g. commutativity of addition on the reals), then what remains 
is the type of a structure, which is given by the number of relations, functions 
(or operations), and their respective arguments, plus the number (cardinality) 
of constants. 



Definition 2.2.2 The similarity type of a structure 21 = {A, i?i, . . . , i?„, Tf, 

. . . , Fm, {ci\i G I}) is a sequence, (ri, . . . , Cn; oi, . . . , am] k) , where Ri C , 
Fj : A, K = \{ci \i G /}| (cardinality of I). 

The two structures in our example have (similarity) type (— ;2,2,1;2) 
and (2;— ;0). The absence of relations, functions is indicated by — . There 
is no objection to extending the notion of structure to contain arbitrarily 
many relations or functions, but the most common structures have finite types 
(including finitely many constants). 

It would, of course, have been better to use similar notations for our struc- 
tures, i.e. [A] i?i, . . . , Rn] Fi, . . . , Fm] Ci\i G I), but that would be too pedantic. 

li R G_ A, then we call R a property (or unary relation), \i R G_ A^ , then 
we call R a binary relation, if i? C A^, then we call R an n-ary relation. 

The set A is called universe of 21. Notation. ^ = |2l|. 21 is called (in)finite 
if its universe is (in)finite. We will mostly commit a slight abuse of language 
by writing down the constants instead of the set of constants, in the example 
of the field of real numbers we should have written: (K,-|-,-,“^,{0,l}), but 
(K, ,0, 1) is more traditional. Among the relations one finds in struc- 
tures, there is a very special one: the identity (or equality) relation. 

Since mathematical structures, as a rule, are equipped with the identity 
relation, we do not list the relation separately. It does, therefore, not occur in 
the similarity type. We henceforth assume all structures to possess an iden- 
tity relation and we will explicitly mention any exceptions. For purely logical 
investigations it makes, of course, perfect sense to consider a logic without 
identity, but the present book caters for readers from the mathematics or 
computer science community. 

One also considers the “limiting cases” of relations and functions, i.e. 0-ary 
relations and functions. An 0-ary relation is a subset of A®. Since A® = {0} 
there are two such relations: 0 and {0} (considered as ordinals: 0 and 1). 0-ary 
relations can thus be seen as truth values, which makes them play the role 
of the interpretations of propositions. In practice 0-ary relations do not crop 
up, e.g. they have no role to play in ordinary algebra. Most of the time the 
reader can joyfully forget about them, nonetheless we will allow them in our 
definition because they simplify certain considerations. A 0-ary function is a 



60 



2 Predicate Logic 



mapping from into A, i.e. a mapping from {0} into A. Since the mapping 
has a singleton as domain, we can identify it with its range. 

In this way 0-ary functions can play the role of constants. The advantage 
of the procedure is, however, negligible in the present context, so we will keep 
our constants. 

Exercises 

1. Write down the similarity type for the following structures: 

(i) (Q,<,0) 

(ii) (N, +, •, 5, 0, 1, 2, 3, 4, . . . , n, . . .),whereS'(a;) = x + 1, 

(hi) (7^(N),c,u,n,%0), 

(iv) (Z/(5),+,-,-,-i,0,l,2,3,4), 

(v) ({0, 1}, A, V, - 1 , 0, 1) , where A, V, — ^ operate according to 
the ordinary truth tables, 

(vi) (M, 1), 

(vii) (M), 

(viii) (M,N, <,T, ^, | |, —), where T(a, 6, c) is the relation‘6 is between 
a and c’,^is the square function, — is the subtraction function 
and I I the absolute value. 

2. Give structures with type (1, 1; — ; 3), (4; — ; 0). 



2.3 The Language of a Similarity Type 

The considerations of this section are generalizations of those in section 1.1.1. 
Since the arguments are rather similar, we will leave a number of details 
to the reader. For convenience we fix the similarity type in this section: 
(ri, . . . , r„; oi, . . . , a^,; k), where we assume r, > 0, aj > 0. 

The alphabet consists of the following symbols: 

1. Predicate symbols: Pi, . . . , = 

2. Function symbols: /i, . . . , /^ 

3. Constant symbols: Ci for i € I 

4. Variables: Xo,xi,X 2 , ■ ■ ■ (countably many) 

5. Connectives: V, A, T V, 3 

6. Auxiliary symbols: (,), 

V and 3 are called the universal and existential quantifier. The curiously look- 
ing equality symbol has been chosen to avoid possible confusion, there are in 
fact a number of equality symbols in use: one to indicate the identity in the 
models, one to indicate the equality in the meta language and the syntactic 
one introduced above. We will, however, practice the usual abuse of language, 
and use these distinctions only if it is really necessary . As a rule the reader 
will have no difficulty in recognising the kind of identity involved. 
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Next we define the two syntactical categories. 

Definition 2.3.1 TERM is the smallest set X with the properties 
(i) Ci G X{i G I) and Xi G X{i G N), 

(a) ti,...,tai G X ^ • • -,tai) GX,forl<i<m 

TERM is our set of terms. 

Definition 2.3.2 FORM is the smallest set X with the properties: 

(i) Eg X\ Pi G X if Ti = Q-, ti, . . . , in G TERM ^ 

Piifi^ . . . , tj.^^ G X'., t\02 G TERM t\ = t2 G X , 

(a) G X ^ {(p\3'ip) G X, where □ G {A, V, — 

(Hi) (fi G X ^ G X, 

(iv) if G X ^ ((3a;i)f^) G X. 

FORM is our set of formulas. We have introduced ti = t 2 separately, but 
we could have subsumed it under the first clause. If convenient, we will not 
treat equality separately. The formulas introduced in (f) are called atoms. We 
point out that(i) includes the case of 0-ary predicate symbols, conveniently 
called proposition symbols. 

A proposition symbol is interpreted as a 0-ary relation, i.e. as 0 or 1 (cf. 
2.2.2). This is in accordance with the practice of propositional logic to in- 
terpret propositions as true or false. For our present purpose propositions 
are a luxury. In dealing with concrete mathematical situations (e.g. groups 
or posets) one has no reason to introduce propositions (things with a fixed 
truth value). However, propositions are convenient (and even important) in 
the context of Boolean- valued logic or Heyting- valued logic, and in syntactical 
considerations. 

We will, however, allow a special proposition: T, the symbol for the false 
proposition (cf. 1.2). 

The logical connectives have, what one could call ‘a domain of action’, 
e.g. in ip tjj the connective — > yields the new formula ip ^ if from formu- 
las ip and if, and so ^ bears on ip, if and all their parts. For propositional 
connectives this is not terribly interesting, but for quantifiers (and variable- 
binding operators in general) it is. The notion goes by the name of scope . 
So in {(\/x)ip) and {{3x)ip),ip is the scope of the quantifier. By locating the 
matching brackets one can easily effectively find the scope of a quantifier. If 
a variable, term or formula occurs in ip, we say that it is in the scope of the 
quantifier in Wxip or 3xip. 

Just as in the case of PROP, we have induction principles for TERM and 
FORM. 

Lemma 2.3.3 Let A(f) he a property of terms. If Aft) holds fort a variable or 
a constant, and if A{t{) , A{t 2 ) , ■ ■ ■ , A(t„) ^ A{f{ti, . . . , tn)), for all function 
symbols f , then Aft) holds for all t G TERM. 

Proof, cf. 1.1.3. 



□ 
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Lemma 2.3.4 Let A(ip) be a property of formulas. If 
(i) A{ip) for atomic <p, 

(a) A{if),A{'ii)) ^ A{if>U%f), 

(in) A{ip) ^ Aip^ip), 

(iv) A{ip) A{(yxi)ip)^ A{(3xi)ip) for all i, then A{ip) holds for all 
ifi e FORM. 

Proof, cf. 1.1.3. □ 

We will straight away introduce a number of abbreviations. In the first 
place we adopt the bracket conventions of propositional logic. Furthermore 
we delete the outer brackets and the brackets round Wx and 3a;, whenever 
possible. We agree that quantifiers bind more strongly than binary connec- 
tives. Furthermore we join strings of quantifiers, e.g. Va;ia;23a;3a;4f^ stands 
for VxiVa;23a;33x4(/3. For better readability we will sometimes separate the 
quantifier and the formula by a dot: \/x ■ ip. We will also assume that n in 
/(ti, . . . , t„), P{ti , . . . , tn) always indicates the correct number of arguments. 

A word of warning: the use of = might confuse a careless reader. The sym- 
bol ‘=’ is used in the language L, where it is a proper syntactic object. It 
occurs in formulas such as xq = xr, but it also occurs in the meta-language, 
e.g. in the form x = y, which must be read “a; and y are one and the same 
variable” . However, the identity symbol in x = y can just as well be the le- 
gitimate symbol from the alphabet, i.e. x = y is a, meta-atom, which can be 
converted into a proper atom by substituting genuine variable symbols for x 
and y. Some authors use = for “syntactically identical” , as in “x and y are the 
same variable”. We will opt for “=” for the equality in structures (sets) and 
“=” for the identity predicate symbol in the language. We will use = a few 
times, but we prefer to stick to a simple “ = ” trusting the alertness of the reader. 

Example 2.3.5 Example of a language of type (2;2,1;1). 
predicate symbols: L, = 
function symbols: p, i 
constant symbol: e 

Some terms: t\ := Xq; t 2 := p{xi,X 2 )] t^ := p(e, e); ti := i{xr)', t^ := 
p{i{p{x2,e))A{xi)). 

Some formulas: 

Pi := xo = X2, Pi := (so = Xi ^ Xi = Xq), 

P 2 := *3 = ^4, Pb '■= (Vxo)(Vxi)(xo = Xi 

P3 ■= L{i{x 5 ),e), Pe := (Vxo)(3xi)(p(xo, xi) = e), 

pr := (3xi)(-ixi = e A p(xi, xi) = e). 

(We have chosen a suggestive notation; think of the language of ordered 
groups: L for “less than”, p,i for “product” and “inverse”). Note that the 
order in which the various symbols are listed is important. In our example p 
has 2 arguments and i has I. 
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In mathematics there are a number of variable binding operations, such 
as summation, integration, abstraction: consider, for example, integration, in 
/p sinxdx the variable plays an unusual role for a variable. For x cannot 
“vary”; we cannot (without writing nonsense) substitute any number we like 
for X. In the integral the variable x is reduced to a tag. We say that the vari- 
able X is bound by the integration symbol. Analogously we distinguish in logic 
between free and bound variables. 

A variable may occur in a formula more than once. It is quite often useful 
to look at a specific instance at a certain place in the string that makes up 
the formula. We call these occurrences of the variable, and we use expressions 
like ‘a; occurs in the subformula ip oi ip.' In general we consider occurrences 
of formulas, terms, quantifiers, and the like. 

In defining various syntactical notions we again freely use the principle of 
definition by recursion (cf. 1.1.6). The justification is immediate: the value of 
a term (formula) is uniquely determined by the values of its parts. This allows 
us to find the value of H(t) in finitely many steps. 

Definition by Recursion on TERM: Let Hq : VarU Const — > A (i.e.iLo 
is defined on variables and constants). Hi : — > A, then there is a unique 

mapping H : TERM — > A such that 

J H{t) = Ho{t) for t a variable or a constant, 

\ . . . , ta,)) = R,(R(fl), . . . , R(faJ). 

Definition by Recursion on FORM: 

Let Hat '■ At ^ A {i.e.Hat is defined on atoms), 

Ha-.A^^A, (□e{v,A,^,^}) 

H^: A ^ A, 

Hy: Ax N ^ A, 

H^-.AxN^A. 

then there is a unique mapping H : FORM A such that 

' H{ip) = Hat{if) for atomice (p, 

HipiDiP) =HaiH{ip),HiiP)), 

< Hi^ip) =H^{H{ip)), 

Hpyixitp) = Hy{H{ip),i), 

^ H{3xi{ip) = H^{H{ip),i). 

Definition 2.3.6 The set FVpt) of free variables oft is defined by 
(i) FV{xi) ■.= {xi\, 

FV{c,) := 0 

(^^) FVifih , . . . , tn)) := FV{h) U . . . U FV{t^). 

Remark. To avoid messy notation we will usually drop the indices and 
tacitly assume that the number of arguments is correct. The reader can easily 
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provide the correct details, should he wish to do so. 



Definition 2.3.7 The set FV{ip) of free variables of ip is defined by 



{i) FV{P{h,...,tp)) 

FV{h = t2) 

FV{F) = FV{P) 

(a) Fvlipnijj) 

Fvl^ip) 

(Hi) FViyxiif) := FV{3xiif) 



= FV{h)^...^FV{t^), 

= FV{h)\JFV{t2), 

= 0 for P a proposition symbol, 

= FV{ip) U Fv[tp), 

= FV(ip), 

= FV{^) - {xj. 



Definition 2.3.8 t or ip is called closed if FV{t) = 0, resp. FV{ip) = 0. 
A closed formula is also called a sentence. A formula without quantifiers is 
called open. TERMc denotes the set of closed terms; SENT denotes the set 
of sentences. 

It is left to the reader to define the set BV (ip) of bound variables of ip. 
Continuation of Example 2.3.5. 

FVih) = {xi, X2}; EV{h) = 0; EV{ip2) = FV{H) U ^^(^ 4 ) = {xt}; 

FV{ipr) = 0; BV{ipA) = 0; BV{ips) = {xo,xi}. ip^,ipQ,ipr are sentences. 
Warning. EV{ip) n BV{ip) need not be empty, in other words, the same 
variable may occur free and bound. To handle such situations one considers 
free (resp. bound) occurrences of variables. When necessary we will make in- 
formally use of occurrences of variables; see also p. 63 

Example. Vxi(xi = X 2 ) — *■ P{x\) contains xi both free and bound, for the 
occurrence of xi in P{xi) is not within the scope of the quantifier 

In predicate calculus we have substitution operators for terms and for for- 
mulas. 



Definition 2.3.9 Let s and t be terms, then s[t/x] is defined by: 
c[t/x] := c 

{ii) f{ti,...,tp)[t/x] := f{ti[t/x\,...,tp[t/x\). 

Note that in the clause (i) y = x means “x and y are the same variables” . 



Definition 2.3.10 p[t/x] is defined by: 

{i) E[t/x\ := _L, 

P[t/x] := P for propositions P, 

P{ti,...,tp)[t/x] := P{ti[t/x],...,tp[t/x]), 
(ti = t 2 )[t/x] := ti[t/x] = t 2 [t/x], 
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(ii) {<fO'4’)[t/x] := (plt/xlDi/jlt/x], 
l^ip)[t/x] :=^if[t/x] 




{3y<f)[t/x] 




Substitution of formulas is defined as in the case of propositions, for con- 
venience we use ‘$’ as a symbol for the propositional symbol (0-ary predicate 
symbol) that acts as a ‘place holder’. 

Definition 2.3.11 (t[<p/$] is defined by: 



Continuation of Example 2.3.5. 

U[t2/xi] = 1 ( 2 : 7 ); t 4 [t 2 /x 7 ] = i{p{xi,X2)); 
t 5 [X 2 /xi] = p{i{p{X2,e),i{x2)), 

‘Pilh/xo] = p(e,e) = X 2 ; ‘P5[t3/xo] = 

We will sometimes make simultaneous substitutions, the definition is a 
slight modification of definitions 2.3.9, 2.3.10 and 2.3.11. The reader is asked 
to write down the formal definitions. We denote the result of a simultaneous 
substitution of ,..., for in t by ,..., ,..., y„] (similarly 

for (f). 

Note that a simultaneous substitution is not the same as its corresponding 
repeated substitution. 

Example, {xq = 2 ;i)[a;i, a;o/a;o, 2 : 1 ] = ( 2:1 = 2 : 9 ), 

but (( 2:0 = 2 :i)[ 2 :i/ 2 ;o])[ 2 ;o/ 2 ;i] = ( 2:1 = 2 ;i)[ 2 ;o/ 2 :i] = ( 2:9 = 2:c)- 

The quantifier clause in definition 2.3.10 forbids substitution for bound 
variables. There is, however, one more case we want to forbid: a substitution, 
in which some variable after the substitution becomes bound. We will give 
an example of such a substitution; the reason why we forbid it is that it can 
change the truth value in an absurd way. At this moment we do not have a 
truth definition, so the argument is purely heuristic. 

Example. 3x{y < x)[x/y] = 3x (x < x). 

Note that the right-hand side is false in an ordered structure, whereas 
3x(y < x) may very well be true. We make our restriction precise: 




(ii) (criDcr2)[v5/$] := oi[ip /%]U(T2[(p /%] 



(^(Ti)[(t/$] ■.= ^ai[ip/%] 

(V?/cr)[(^/$] ■.= yy.a[Lp/%] 

{3ya)[ip/$] :=3y.a[ip/$]. 
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Definition 2.3.12 t is free for x in ip if 
(i) p is atomic, 

(a) p •= piil\p 2 (or p := ~^pi) and t is free for x in p\ and p 2 (resp.pi), 
(Hi) p := 3yif (or p := Vj/'0j and if x G FV{p), then y ^ FV(t) and t 
is free for x in if. 

Examples. 

1. X 2 is free for xq in BxsP^xq, X 3 ), 

2. f{xo,xi) is not free for xg in 3xiF(xq, X 3 ), 

3. X 5 is free for xi in P(xi,X 3 ) — > 3xiQ(xi, X 2 ). 

For all practical purposes the use of “t is free for x in consists of the fact 
that the (free) variables of t are not going to be bound after substitution in p. 

Lemma 2.3.13 t is free for x in p the variables of t in p\t!xf\ are not 
hound by a quantifier. 

Proof. Induction on p. 

- For atomic p the lemma is evident. 

ds f 

- p = pi\Pip 2 . t is free for x in p t is free for x in pi and t is free for x in 

P 2 the variables of t in pi[t/x] are not bound by a quantifier and the 
variables of t in p 2 [t/x\ are not bound by a quantifier the variables of 
t in {piF\p 2 )[t ! x] are not bound by a quantifier. 

- p = ^Pi, similar. 

- p = 3yijj. It suffices to consider the case x G FV(p). t is free for x in 

p‘^-U' y ^ FV (t) and t is free for x in ip the variables of t are not in 
the scope of 3y and the variables of t in ip[t/x] are not bound by (another) 
quantifier the variables of t in p[t/x] are not bound by a quantifier. □ 

There is an analogous definition and lemma for the substitution of formulas. 

Definition 2.3.14 p is free for $ in a if: 

(i) <j is atomic, 

(ii) a := aiDa 2 (or ^tri) and p is free for $ in and in U 2 (or in a\), 
(Hi) a := 3yr (or ^yr) and if $ occurs in a then y ^ FV{p) and p is 

free for $ in t. 

Lemma 2.3.15 p is free for % in a the free variables of p are in (r[<p/$] 
not bound by a quantifier. 

Proof. As for Lemma 2.3.13. □ 

From now on we tacitly suppose that all our substitutions are “free for” . 
For convenience we introduce an informal notation that simplifies reading and 
writing: 

Notation. In order to simplify the substitution notation and to conform to 
an ancient suggestive tradition we will write down (meta-) expressions like 
p{x,y,z),ip{x,x), etc. This neither means that the listed variables occur free 
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nor that no other ones occur free. It is merely a convenient way to handle 
substitution informally: ip(t) is the result of replacing a; by t in ip(x);ip{t) is 
called a substitution instance of 

We use the languages introduced above to describe structures, or classes 
of structures of a given type. The predicate symbols, function symbols and 
constant symbols act as names for various relations, operations and constants. 
In describing a structure it is a great help to be able to refer to all elements 
of |2l| individually, i.e. to have names for all elements (if only as an auxiliary 
device). Therefore we introduce: 

Definition 2.3.16 The extended language, L(2l), o/ 21 is obtained from the 
language L, of the type of 21, by adding constant symbols for all elements of 
21. We denote the constant symbol, belonging to a € |2t|, by a. 

Example. Consider the language L of groups; then L(2l), for 21 the additive 

group of integers, has (extra) constant symbols 0, 1,2,.. ., —1, —2, —3, 

Observe that in this way 0 gets two names: the old one and one of the new 
ones. This is no problem, why should not something have more than one name? 

Exercises 

1. Write down an alphabet for the languages of the types given in Exercise 
1 of section 2.2 

2. Write down five terms of the language belonging to Exercise, 1 (iii), (viii). 
Write down two atomic formulas of the language belonging to Exercise 1, 
(vii) and two closed atoms for Exercise 1, (iii), (vi). 

3. Write down an alphabet for languages of types (3; 1, 1, 2; 0), (— ; 2; 0) and 
(i;-;3). 

4. Check which terms are free in the following cases, and carry out the sub- 
stitution: 

(a) a; for a; in a; = x, (/) a; -I- w for z in Vw(x + z = 0), 

(b) y for a; in a; = x, (g) x + y for z in Vw(x -|- z = 0) A 

(c) a; -I- y for y in z = 0, 3y(z = x), 

{d) 0 + y for y in 3a;(y = x), (h) x + y for z in \/u{u = v) ^ 

(e) X + y for z in Vz(z = y). 

3w{w -I- a; = 0), 
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2.4 Semantics 



The art of interpreting (mathematical) statements presupposes a strict sepa- 
ration between “language” and the mathematical “universe” of entities. The 
objects of language are symbols, or strings of symbols, the entities of mathe- 
matics are numbers, sets, functions, triangles, etc. It is a matter for the phi- 
losophy of mathematics to reflect on the universe of mathematics; here we will 
simply accept it as given to us. Our requirements concerning the mathemat- 
ical universe are, at present, fairly modest. For example, ordinary set theory 
will do very well for us. Likewise our desiderata with respect to language are 
modest. We just suppose that there is an unlimited supply of symbols. 

The idea behind the semantics of predicate logic is very simple. Following 
Tarski, we assume that a statement a is true in a structure, if it is actually 
the case that cr applies (the sentence “Snow is white” is true if snow actually 
is white). A mathematical example: “2-1-2 = 4” is true in the structure of 
natural numbers (with addition) if 2 -|- 2 = 4 (i.e. if addition of the numbers 
2 and 2 yields the number 4). Interpretation is the art of relating syntactic 
objects (strings of symbols) and states of affairs “in reality”. 

We will start by giving an example of an interpretation in a simple case. 
We consider the structure 21 = (Z, <, -k, — , 0), i.e. the ordered group of inte- 
gers. 

The language has in its alphabet: 
predicate symbols : =,L 
function symbols : P, M 
constant symbol : 0 



L(2l) has, in addition to all that, constant symbols m for all m e Z. We first 
interpret the closed terms of L(2t); the interpretation t^ of a term t is an 
element of Z. 



t 


fa 


m 


m 


P{ti,t2) 


tf + tf 


M{t) 


-fa 



Roughly speaking, we interpret m as “its number” , P as plus, M as minus. 
Note that we interpret only closed terms. This stands to reason, how should 
one assign a definite integer to x? 

Next we interpret sentences of L(2l) by assigning one of the truth values 
0 or 1. As far as the propositional connectives are concerned, we follow the 
semantics for propositional logic. 
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r;(T) 
v{t = s) 


= C 


1, 

f 1 if = s® 




— ■> 


1 0 else, 




v{L{t,s)) 


= \ 


1 1 if < s® 
[ 0 else 




v{(p\3'ip) 

vir^ip) 




as in 1.2.1 




viyxip) 


= \B.\n.{v{ip[n/ x\) 1 


n G Z} 


v{3x(j) 


= m.ax.{v{ip\n/ x\) 


n G Z} 



A few remarks are in order. 

1. In fact we have defined a function v by recursion on ip. 

2. The valuation of a universally quantified formula is obtained by taking the 
minimum of all valuations of the individual instances, i.e. the value is 1 
(true) iff all instances have the value 1. In this respect V is a generalization 
of A. Likewise 3 is a generalization of V. 

3. V is uniquely determined by 21, hence would be a more appropriate 
notation. For convenience we will, however, stick to just v. 

4. As in the semantics of propositional logic, we will write for vsi{ip), 
and when no confusion arises we will drop the subscript 21. 

5. It would be tempting to make our notation really uniform by writing 
|t]ai for t®. We will, however, keep both notations and use whichever is 
the most readable. The superscript notation has the drawback that it re- 
quires more brackets, but the | ]-notation does not improve readability. 



Examples. 

1. (P(P(2,3),M(7)))2‘ = P(2,3)2‘-hM(7)2‘ = = 2-k3-k 

(- 7 ) = -2, 

2 . [2 = ^ = O^iMe 2 - 1 , 

3. p = T ^ A(25,T0)1 = 1, since p = T] = 0 and |L(25,T0)1 = 0; by the 
interpretation of the implication the value is 1, 

4. l\/x3y{L{x,y))j = min„(maxm,|L(ri, m))| 

|(n,rn)] = 1 for m > n, so for fixed n, maxm|L(n, nl)] = 1, and hence 
min„ maXm|T(n,TO)] = 1. 



Let us now present a definition of interpretation for the general case. Con- 
sider 2t = (A, Ri, . . . , R„, Fi, . . . , Fm, {ciji S /}) of a given similarity type 

(t*! , . . . , Tyj , Cli , . . . , |7|) ■ 

The corresponding language has predicate symbols i?i, . . . , i?„, function 
symbols Fi,. . . ,Fm and constant symbols c^. L(2t), moreover, has constant 
symbols a for all a G |2t|. 
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Definition 2.4.1 An interpretation of the closed terms of L(2t) in 21, is a 
mapping (.)^ : TERMc |2l| satisfying: 

(i) cl® = a (= |cl]a) 

= a, (= |a]a) 

(a) (Fi(ti,...,tp))^ = F,{tf,...,tf), (=]Fi(ti,...,tp))]a 

where p=Qi = F*(|ti]a, • ■ ■ , [tp]>a) ) 



There is also a valuation notation using Scott-brackets; we have indicated in 
the above definition how these brackets are to be used. The now following 
definition is exclusively in terms of valuations. 



Definition 2.4.2 An interpretation of the sentences tp of T(2t) in 21, is a 
mapping |.] 2 i : SFNT {0, 1}, satisfying: 

(*) y a := 0, 

|i?] 2 i := R (i.e. 0 or 1). 



(ii) lRi{ti,...,t. 



Tlla := 



1 */ {tf, 

0 else. 



,tp) e Ri, where p = ri, 



Pi = i2]a, 

{Hi) {ip A V'la 
Ip V V'la 
Ip '01a 
Ip ^ 01a 
I^<p]a 
{iv) |Va;(p]a 

Pa;<p]a 



^ fl i/ = if 

[0 else. 

= min{\ip\<A, I01a), 

= ma 2 ;(p]a, I0]a), 

= max{l - pla, [01a), 

= 1 - Ipla - [01a|, 

= 1 - p]a. 

= min{lip\d/x]\%\ a G |2l|}, 
= max{{p\dlx\\%\ a G |2l|}. 



Convention: from now on we will assume that all structures and languages 
have the appropriate similarity type, so that we don’t have to specify the 
types all the time. 



In predicate logic there is a popular and convenient alternative for the 
valuation-notation: 

^\= p stands for = 1. We say that ‘V is true, valid, in 21” ii%\= <p. 
The relation ^ is called the satisfaction relation. 

Note that the same notation is available in propositional logic — there the 
role of 21 is taken by the valuation, so one could very well write v \= p for 
= 1 

So far we have only defined truth for sentences of L(2t). In order to extend 
1= to arbitrary formulas we introduce a new notation. 



Definition 2.4.3 Let FV{p) = {z \, . . . , Zk\, then Cl{p) := V^i . . . ZkP is the 
universal closure of ip (we assume the order of variables Zi to be fixed in some 
way). 
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Definition 2.4.4 (i) %\= Lp jjff 21 |= Cl{ip), 

(a) \= Lp iff‘^\=ip for all ^ (of the appropriate type), 

(Hi) 21 1= iffi^\=tjj for all if £ F, 

(iv) r \= (p iff (f^ \= r 21 ^ ip), where F U {ip} consists of sentences. 

If 2t 1= fj, we call 21 a model of cr. In general: if 21 |= we call 21 a model 
of F. We say that ip is true ii\= ip, is a semantic consequence of if r' |= 
i.e. ip holds in each model of F. Note that this is all a straight-forward gener- 
alization of 1.2.4. 

If (/j is a formula with free variables, say FV {ip) = {zi , . . . , Zk}, then we say 
that ip is satisfied by a\, . . . ,Ok £ |2l| if 21 |= ip\d\, . . . ,a,k / z\, . . . , Zk], ip called 
satisfiable in 21 if there are ai , . . . , Ofc such that ip is satisfied by ai , . . . , Ufe and 
ip is called satisfiable if it is satisfiable in some 21. Note that ip is satisfiable in 
21 iff 21 ^ 3zi . . . Zkip. 

The properties of the satisfaction relation are in understandable and con- 
venient correspondence with the intuitive meaning of the connectives. 



Lemma 2.4.5 If we restrict ourselves to sentences, then 

(i) 21|=f^A'i/’44>21|=f^ and 21 |= '0, 

(ii) 21|=f^V044>21|=f^ or 21^'0 
{Hi) 21 1= ^ip 21 ^ 

{iv) 21|=f^— >'0<t4>(21|=:/j=J>21|= Ip), 

{v) 21|=f^<-^'i/'<^(21|=:/j<t4>21|= Ip), 

{vi) 21 1= \/xip 21 1= ip\d/x], for all a £ |2l|, 

{vii) 21 1= 3xip 21 1= ip\a/x\, for some a £ |2l|. 

Proof. Immediate from Definition 2.4.2. We will do two cases. 

(iv) 21|=v 3^'0<^[7^^ 01a = max{l - |(^]a, Ma) = 1- Suppose 21 ^ 
i.e. |(^]a = 1, then clearly |0]a = 1, or 21 ^ 0. 

Conversely, let 21 |= 21 |= 0, and suppose ^ ip ^ tp, then 

\ip 0]a = max{l - |(^]a, [0]a) = 0. Hence |0]a = 0 and |(^]a = 1- 
Contradiction. 

(vii) 21 1= 3xip{x) max{(|(/3(a)]21|a £ |21|} = 1 there is an a £ |21| such 
that |(/3(a)]a = 1 there is an a £ |21| such that 21 \= p{a). □ 

Lemma 2.4.5 tells us that the interpretation of sentences in 21 runs paral- 
lel to the construction of the sentences by means of the connectives. In other 
words, we replace the connectives by their analogues in the meta-language 
and interpret the atoms by checking the relations in the structure. 

For example, consider our example of the ordered additive group of 
integers:21 ^ ~^yx3y{x = P{y,y)) ^ It is not the case that for each num- 
ber n there exists an m such that n = 2m not every number can be halved 
in 21. This clearly is correct, take for instance n = 1. 

Let us reflect for a moment on the valuation of proposition symbols; an 
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0-ary relation is a subset of = {0}, i.e. it is 0 or {0} and these are, consid- 
ered as ordinals, 0 or 1. So |P]ai = P, and P is a truth value. This makes our 
definition perfectly reasonable. Indeed, without aiming for a systematic treat- 
ment, we may observe that formules correspond to subsets of , where k is 
the number of free variables. E.g. let FV{(p) = {zi , . . . , Zk}, then we could put 
Ma = {(ai,...,afc)|2l 1= ip{ai, . . . ,ak)}{= {(ai, . . . ,a„)||v3(ai, . . . ,afe)] 2 i = 
1}), thus stretching the meaning of a bit. It is immediately clear that ap- 
plying quantifiers to (p reduces the “dimension” . For example, \3xP{x, y)]a = 
{a|2l 1= P(b,a) for some b}, which is the projection of |P(a;,y)] 2 i onto the y- 
axis. 



Exercises 

1. Let m = {N, -I-, -,S, 0), and L a language of type (— ; 2, 2, 1; 1). 

(i) Give two distinct terms t in L such that = 5, 

(ii) Show that for each natural number n € N there is a term t such 
that = n, 

(iii) Show that for each n G N there are infinitely many terms t such 
that = n. 

2. Let 21 be the structure of exercise 1 (v) of section 2.2. Evaluate 

(((T ^ 0) ^ -0) A (-0) ^ (T ^ 0))=^, (T ^ -(-0 V T))2‘. 

3. Let 21 be the structure of exercise 1 (viii) of section 2.2. Evaluate (|('\/3)^ — 

(T-(iF^i-(5-r^))=‘. 

4. Which cases of Lemma 2.4.5 remain correct if we consider formulas in 
general? 

5. For sentences a we have 21 |= ct or 21 ^ ~^a. Show that this does not hold 
for ip with FV{p) yf 0. Show that not even for sentences |= cr or ^ 
holds. 

6. Show for closed terms t and formulas p (in L(21)): 

21 ^ = Wa’ 

21 1= p{t) obtain this as a corollary to the 

Substitution Theorem, 2.5.9). 

7. Show that 21 |= 21 |= for all 21, implies \= p ^ \= but not vice 



versa. 
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2.5 Simple Properties of Predicate Logic 

Our definition of validity (truth) was a straightforward extension of the 
valuation-definition of propositional logic. As a consequence formulas which 
are instances of tautologies are true in all structures 21 (exercise 1). So we can 
copy many results from sections 1.2 and 1.3. We will use these results with a 
simple reference to propositional logic. 

The specific properties concerning quantifiers will be treated in this sec- 
tion. First we consider the generalizations of De Morgan’s laws . 

Theorem 2.5.1 (i) ^ -nVxip Bx-'ip 

(ii) 1= ~^Bx(p \/x^(p 
(in) 1= \/x(fi -<3x^(p 
(iv) 1= 3xif <->■ -Nx^ip 

Proof. If there are no free variables involved, then the above equivalences are 
almost trivial. We will do one general case. 

(i) Let FV{yx(fi) = {zi , . . . , Zk}, then we must show 

21 1= Vzi . . . Zk{-N xip{x , . . . , Zk) 3x^ip{x, zi, . . . , Zk)), for all 21. 

So we have to show 21 |= ^Va;(^(a;, oi, . . . , Ofc) <-> 3a;-i(^(a;, oi, . . . , Ofe) for ar- 
bitrary oi, . . . , ttfe € |2l|. We apply the properties of ^ as listed in Lemma 
2.4.5: 

21 ^ -3ixip{x,ai, . . . ,a,k) 21 ^ Va:(^(a;,ai, . . . , a^) not for all 

6 e |2l| 21 1= ip(b,ai, . . . ,ak) ^ there is a 6 G |2l| such that 
21 1= . . . ,Ofc) 21 ^ 3x^(fi{x,ai , . . . ,a„). 

(ii) is similarly dealt with, 

(iii) can be obtained from (i), (ii), 

(iv) can be obtained from (i), (ii). □ 

The order of quantifiers of the same sort is irrelevant, and quantification 
over a variable that does not occur can be deleted. 



Theorem 2.5.2 (i) |= \/xyyip \/yyxip, 

(ii) 1= 3x3y(fi 3y3x(p, 

(Hi) 1= \/xip ^ if if X ^ FV(^(fi), 

{iv) 1= ^ if if X ^ FV{(fi). 

Proof. Left to the reader. □ 

We have already observed that V and 3 are, in a way, generalizations of 
A and V. Therefore it is not surprising that V (resp. 3) distributes over A 
(resp.V). V (and 3) distributes over V (resp. A) only if a certain condition is 
met. 
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Theorem 2.5.3 (i) ^ \/x{ip A Wxip A Vsi/;, 

(ii) 1= 3x{(fi \/ Ip) 3xip V 3xip, 

(in) \= \/x{ifi{x) V ■;/;) <-^ \/xip{x) \/ tp if x ^ FV{tp), 

(iv) ^ 3x{ip{x) A '0) <-*■ 3xLp{x) Atp if x ^ FV{tp). 

Proof, (i) and (ii) are immediate. 

(iii) Let FV(yx{ip{x) V ■0)) = {zi, ■ ■ ■ , Zk}- We must show that 

21 1= V^i . . . Zkl^x{(f{x) V Ip) ^ yxip{x) V Ip] for all 21, so we show, us- 
ing Lemma 2.4.5, that 21 \= Va;[(^(a;, oi, . . . ,Ofe)) V tp{ai , . . . ,afc)] 21 |= 
yxip{x,ai, . . . ,afc) V '0(oi, . . . ,ak) for all 21 and all oi, . . . , Ofe G |21|. 

Note that in the course of the argument ai, . . . , Ofc remain fixed, so in the 
future we will no longer write them down. 

4= : 21 ^ yx(fi{x, ) V 0( ) 21 1= Wx(p{x, ) or 21 |= tp{ ) <t4> 

21 1= ip(b, ) for all 6 or 21 ^ tp{ ). 

If 21 )= tp{ ), then also 21 \= ip(b, ) V tp{ ) for all b, and so 

21 1= yxip{x, ) V '0( )• If for all 6 21 ^ ip(b, ) then 

21 1= ip(b, ) V '0( ) for all 6, so 21 |= Wx^tp^x, ) V '0( ))• In 

both cases we get the desired result. 

: We know that for each 6 € |21| 21 ^ (p(b, ) V tp{ ). 

If 21 1= ip{ ), then also 21 \= \lxip{x, ) V tp{ ), so we are done. 

If 21 ^ 0( ) then necessarily 21 |= ip(b, ) for all b, so 

21 1= \/xif{x, ) and hence 21 \= 'ixp{x, ) V 0( ). 

(iv) is similar. □ 

In the proof above we have demonstrated a technique for dealing with the 
extra free variables Zi,. . . ,Zk, that do not play an actual role. One chooses 
an arbitrary string of elements Oi, . . . , aj, to substitute for the zfs and keeps 
them fixed during the proof. So in future we will mostly ignore the extra 
variables. 

WARNING. \/x{ip{x) V ip{x)) \lxLp{x) V yxip{x), and 

3x(p{x) A 3a;'0(a;) ^ 3x{(p{x) A tp^x)) are not true. 

One of the Cinderella tasks in logic is the bookkeeping of substitution, 
keeping track of things in iterated substitution, etc. We will provide a number 
of useful lemmas, none of them is difficult - it is a mere matter of clerical 
labour. 

A word of advice to the reader: none of these syntactical facts are hard to 
prove, nor is there a great deal to be learned from the proofs (unless one is 
after very specific goals, such as complexity of certain predicates); the best 
procedure is to give the proofs directly and only to look at the proofs in the 
book in case of emergency. 



Lemma 2.5.4 (i) Let x and y he distinct variables such that x ^ FV(r), then 
{t[slx\)[r/y\ = {t[r/y])[s[r/y\/x\, 
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(ii) let X and y he distinct variables such that x ^ FV{s) and let t and s be 
free for x and y in (p, then {(p[t / x])[s / y] = {(p[s/y])[t[s/y]/x], 

(Hi) let if be free for $ in ip, and let t be free for x in p and if, then 
{p[ifl%])[tlx\ = {p[t/x\)[if[t/x\/%\, 

(iv) Let p,if be free for $i,$2 in a, let if he free for $2 in p, and let $1 not 
occur in if, then (cr[(^/$i])[i/)/$2] = {a[if /%2])[p[if 

Proof, (i) Induction on t. 

- t = c, trivial. 

- t = X. Then t[s/x] = s and {t[s / x])[r / y] = s[r/y\, {t[r / y])[s[r / y] / x] = 
x[s[r/y]/x] = s[r/y]. 

-t = y. Then {t[s / x])[r / y] = y[r/y]=r and {t[r/y])[s[r/y]/x]=r{s[r/y]/x]=r, 
since x ^ FV{r). 

- t = z, where z ^ x,y, trivial. 

-t = f{ti,...,t„). Then {t[s/x])[r/y] = {f(ti[s/x],...)[r/y] = 

fiih[s/x])[r/y ], . . .) = f{(ti[r/y])[s[r/y]/x ], . . .) = 
f{ti[r/y], . . .)[s[r/y]/x] = {t[r/y])[s[r/y]/x]. ^ 

(ii) Induction on p. Left to the reader. 

(iii) Induction on p. 

- p =T or P distinct from $. Trivial. 

- p = $. Then ($[7/i/$])[t/a;] = if[t/x] and ($[t/a;])[^/;[t/a;]/$] = 

$[^/;[t/a;]/$] = if[t/x], 

- p = p\Oip2,^Pi. Trivial. 

- p = ^ypi. Then (Vy • pi[if/%])[t/x\ = (Vy • pi[if/%])[t/x\ = 

Vy • {{p,[ifmt/x\) ^y{{p,[t/x]mtlx]/%]) = 

{{'iypi)[tlx])[if[t/x\/%]. 
p = 3 ypi- Idem. 

(iv) Induction on a. Left to the reader. □ 

We immediately get 



Corollary 2.5.5 (*) If z ^ PV{t), then t[a/x] = {t[z/x\)[a/ z], 

(ii) If z ft FV(p) and z free for x in p, then 
p[a/x\ = {p[z/x])[a/z\. 

It is possible to pull out quantifiers from formula. The trick is well- 
known in analysis: the bound variable in an integral may be changed. E.g. 
f xdx + f sin ydy = f xdx + f sinxdx = f(x + sinx)dx. In predicate logic we 
have a similar phenomenon. 



^ ‘i.h.’ indicates the use of the induction hypothesis 
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Theorem 2.5.6 (Change of Bound Variables) If x, y are free for z in (p 

and x,y ^ FV{ip), then \= 3xLp[x/z] 3yLp[y/z], 

1 = \lxLp[x/ z] \/yip[y/ z\. 

Proof. It suffices to consider ip with FV{(p) C {z}. We have to show 
21 1 = 3xip[x/z] 21 1 = 3yp[y/z] for any 21. 

21 ^ 3xip[x/z] 21 ^ {ip[x / z])\a / x] for some a 

21 ^ <p\a/z\ for some a 21 |= {ip[y / z\)\a / y] for some a 21 [= 3y(p[y/z\. 
The universal quantifier is handled completely similarly. □ 

The upshot of this theorem is that one can always replace a bound variable 
by a “fresh” one, i.e. one that did not occur in the formule. Now one easily 
concludes 

Corollary 2.5.7 Every formula is equivalent to one in which no variable 
occurs both free and bound. 

We now can pull out quantifiers: \fxip{x)\/yx'ip{x) \fx(p{x)\/yytp{y) and 
yxip{x) V Vy0(y) <-> yxy{(p{x) V 'ip{y)), for a suitable y. 

In order to handle predicate logic in an algebraic way we need the tech- 
nique of substituting equivalents for equivalents. 



Theorem 2.5.8 (Substitution Theorem) 

(i) (= = t 2 ^ s[ti/x] = s[t 2 /x] 

(a) \=ti = t2^ p[ti/x] ^ q:’[t2/x]) 

(Hi) \= {ip Ip) ^ <-!■ a[ip/$]) 

Proof. It is no restriction to assume that the terms and formulas are closed. 
We tacitly assume that the substitutions satisfy the “free for” conditions. 

(i) Let 21 1= = t 2 , i.e. tf = tf. Now use induction on s. 

- s is a constant or a variable. Trivial. 

- s = i^(si,...,Sfc). Then s[U/x] = F{si[ti/x], . . .) and (s[t*/x])® = 
F((si . . .). Induction hypothesis: (sj[ti/a;])^ = {s j[t 2 / x])'^ , 

1 < j < So {s[ti/x])'^ = F{{si[h/x])‘^, ...) = 

F{{si[t 2 / x])^ , ...) = (s[t 2 /®])^- Hence 21 |= s[ti/x] = s[t 2 /x\. 

(ii) Let 21 1= = t 2 , so . We show 21 \= p[ti/x] 21 |= p\t 2 /x\ by 

induction on p. 

- p is atomic. The case of a propositional symbol (including _L) is 
trivial. So consider p = P{s\, . . . , Sk). 21 |= P{s\,. . . ,Sk)[ti/x\ 

21 1= P{si[ti/x],...) ^ ((si[ti/a;])®,...,(sfc[ti/a;])® G P. By (i) 
{Sj[ti/x])^ = {Sj[t2/x\)^,j = 

So we get ((si[ti/:c])®, . . .) 

€ P <t4> . . . 21 1= P{s\, . . .)[t 2 lx\. 

- p = piM P 2 , pi/\p 2 , Pi ^ P 2 , ~^Pi- We consider the disjunction: 21 |= 

{pi V p 2 )[ti/x] 21 ^ pi[ti/x] or 21 1= p 2 [ti/x] '‘4p . 21 |= pi[t 2 /x] or 

21 h P2[t2/x] 21 ^ ((/?! V P2)[t2lx\. 
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The remaining connectives are treated similarly. 

- (p = 3yilj,ip = Vyi;. 

We consider the existential quantifier. 21 |= {3ytlj)[ti/x] 

21 \= 3y{^|;[tl/x]) 21 [= tjj[ti/x][a/y] for some a. 

By 2.5.4 21 [= / x][a / y] 21 ^ Wa/y])[ti[a/y]/x]. Apply the 

induction hypothesis to ip[a/y] and the terms ti[a/y],t 2 \a/y]. Observe 
that ti and t 2 are closed, so ti[a/y] = ti and ^2 = hia/y]. We get 
21 \= tp[t 2 /x][a/y], and hence 21 ^ 3ytl;[t2/x]. The other implication is 
similar, so is the case of the universal quantifier. 

(iii) Let 21 ^ 21 |= V'- We show 21 |= (j[ip/%\ 21 ^ cr['0/$] by induction 

on cr. 

- cr is atomic. Both cases a = $ and cr yf $ are trivial. 

- cr = (Ti\3a2 (or ^CTi). Left to the reader. 

- cr = yx ■ T. Observe that ip and ■i/' are closed, but even if they were not 

then X could not occur free in '0. 

21 \= (Va; • r)[<p/$] 21 ^ Va;(r[(/5/$]). Pick an a € |2t|, then 21 \= 

(r [(/?/$]) [a/a;] 21 |= {T\a/x\)[ip\a/x\/%] 21 |= {T\a/x\)[ip/%] 44' 

21 1= r[a/a;] ['0/$] 21 |= r[a/a;]['0[a/a;]/$] <1^ 21 |= (r[0/$])[a/a;]. 

Hence 21 \= <j[p/%] 21 |= cr[0/$]. 

The existential quantifier is treated similarly. □ 

Observe that in the above proof we have applied induction to for 

all ip", because the substitution formula changed during the quantifier case. 

Note that also the a changed, so properly speaking we are applying induc- 
tion to the rank (or we have to formulate the induction principle 2.3.4 a bit 
more liberal). 



Corollary 2.5.9 (i) [s[Va;]l = Is[|/|/a;]] 

(**) = |v3[|t]/a;]l 

Proof We apply the Substitution Theorem. Consider an arbitrary 21. Note that 
[Ml = M (t>y definition), so 21 [= |t] = t. Now (i) and (ii) follow immediately. 
□ 

In a more relaxed notation, we can write (i) and (ii) as 
[s(^)l = [s(M)L_or 21 h s(t) = s(|t]) and |</9(t)] = M(M)], or 
21 h <7’(i) ^ V^(M)- 

Observe that |t](= Ma) is just another way to write t®. 

Proofs involving detailed analysis of substitution are rather dreary but, 
unfortunately, unavoidable. The reader may simplify the above and other 
proofs by supposing the formulas involved to be closed. There is no real loss 
in generality, since we only introduce a number of constants from L(2l) and 
check that the result is valid for all choices of constants. 

We now really can manipulate formulae in an algebraic way. Again, write 
p Ki if for 1= 0. 
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Examples. 

1. \/x(fi{x) — > -i/j « ->\/xip{x) V 'i/j « 3x(-'(^(a;)) V '0 ~ 3a;(-’V3(a;) V 0) « 
3a;((/3(x) ^ 0), where a; ^ FV{ifj). 

2. \/x(fi{x) — >■ 3xf^(a;) « -iyx(p{x)\/3xip{x) « 3a;(-'V3(a;)Vf^(a;)). The formula 
in the scope of the quantifier is true (already by propositional logic), so 
the formula itself is true. 

Definition 2.5.10 A formula ip is in prenex (normal) form if ip consists of a 
(possibly empty) string of quantifiers followed by an open (i.e. quantifier free) 
formula. We also say that ip is a prenex formula. 

Examples. 3xyy3z3v{x = z V y = z ^ v <y), Va;V?/3z(P(x, y) A Q{y, x) 
P{z,z)). 

By pulling out quantifiers we can reduce each formula to a formula in 
prenex form. 



Theorem 2.5.11 For each p there is a prenex formula 0 such that \= p if . 

Proof. First eliminate — > and <->. Use induction on the resulting formula p' . 

For atomic p' the theorem is trivial. If p' = pi\/ p2 and pi , p2 are equiv- 
alent to prenex 0i , 02 then 

01 — {Qiyi') • ■ • i,Qnyn)f^ ? 

02 = {Q\zi) . . . {Q'^Z^)lf^, 

where Qi, Qj are quantifiers and 0^, 0^ open. By Theorem 2.5.6 we can choose 
all bound variables distinct, taking care that no variable is both free and 
bound. Applying Theorem 2.5.3 we find 

1= V?' ^ (Qiyi) . . . {Qnyn){Q'lZi) . . . {Q'^Zm){'lf^ V 02), 
so we are done. 

The remaining cases are left to the reader. □ 

In ordinary mathematics it is usually taken for granted that the benev- 
olent reader can guess the intentions of the author, not only the explicit 
ones, but also the ones that are tacitly handed down generations of math- 
ematicians. Take for example the definition of convergence of a sequence: 
Ve > 03nVm(|a„ — a„+m| < e)- In order to make sense out of this expression 
one has to add: the variables n, m range over natural numbers. Unfortunately 
our syntax does not allow for variables of different sorts. So how do we incor- 
porate expressions of the above kind? The answer is simple: we add predicates 
of the desired sort and indicate inside the formula the “nature” of the variable. 

Example. Let 21 = {R,Q,<) be the structure of the reals with the set of 
rational numbers singled out, provided with the natural order. The sentence 
cr := yxy{x <?/—*■ 3z(Q(z) Ax < zAz < y)) can be interpreted in 21 : 21 ^ cr, 
and it tells us that the rationale are dense in the reals (in the natural ordering) . 
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We find this mode of expression, however, rather cumbersome. Therefore we 
introduce the notion of relativised quantifiers. Since it does not matter whether 
we express informally “ x is rational” by a; S Q or Q{x), we will suit ourselves 
and any time choose the notation which is most convenient. We use (3a; S Q) 
and (Va; S Q) as informal notation for “there exists an x in Q” and “for all 
X in Q”. Now we can write a as Va;y(a; < y ^ 3z £ Q{x < z A z < y)). Note 

that we do not write (Va;y € R){ ), since: (1) there is no relation R in 21, 

(2) variables automatically range over |2l| = R. 

Let us now define the relativisation of a quantifier properly: 

Definition 2.5.12 If P is a unary predicate symbol, then (Va; G P)(p := 
yx{P{x) —>■ If), (3a; € P)f := (3a;)(P(a;) A f). 

This notation has the intended meaning, as appears from 
21 1= (Va; e P)f for all a € P® 21 \= f[a/x], 21 |= (3a; S P)f there exists 
an a € P® such that 21 \= f\d/x\. The proof is immediate. We will often use 
informal notations, such as (Va; > 0) or (3y 1), which can be cast into the 

above form. The meaning of such notations will always be evident. One can 
restrict all quantifiers to the same set (predicate), this amounts to passing to 
a restricted universe (cf. Exercise 11). 

It is a common observation that by strengthening a part of a conjunction 
(disjunction) the whole formula is strengthened, but that by strengthening 
f in ^f the whole formula is weakened. This phenomenon has a syntactic 
origin, and we will introduce a bit of terminology to handle it smoothly. We 
inductively define that a subformula occurrence f is positive (negative) in cr: 

Definition 2.5.13 Suh'^ and Sub~ are defined simultaneously by 

Sub+{f) = {f} 

Sub~{f) = 0 for atomic f 

Sub^ {ffP\f2) = Sub^{fi) U Sub'^{f2) U {fiOf2} 

Sub~lfiDf 2 ) = Sub~{fi) U Sub~{f 2 ) for □ G {A, V} 

Sub~'~{fi f 2 ) = Sub~'~{f 2 ) U Sub~{fi) U {fi — > f 2 } 

Sub~{fi — > f 2 ) = Sub'^{fi) U Sub~{f 2 ) 

Sub'^(Qx.f) = Sub'^{f) U {Qx.f\ 

Sub~{Qx.f) = Sub~{f) for Q G {V, 3} 

If f G Sub'^ftp), then we say that f occurs positively in ip (similarly for 
negative occurrences) . 

We could have restricted ourselves to A, — > and V, but it does not ask much 
extra space to handle the other connectives. For convenience we consider <-!■ 
not as primitive. Note that Sub~^ (3 Sub~ need not be empty. 

The following theorem makes the basic intuition clear: if a positive part 
of a formula increases in truth value then the formula increases in truth value 
(better: does not decrease in truth value). We express this role of positive and 
negative subformules as follows: 
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Theorem 2.5.14 Let ip {pp) not occur negatively (not positively) in a, then: 

(i) bil < ^ 2 ] ^ \a[ipi/ip]\ < |cr[(/92/<p]l 

(li) [V'l] < IV'2] ^ |cr[^i/'0]] > |cr[V^2/V']l 

(lii) a h (<Pi ^ V 2 ) (cr[(/2i/<p] ^ cr[(^2/(/5]) 

(iv) ‘^\= ' 02 ) ^ (cr[V' 2 /' 0 ] ^ cr[V'i/'0]). 

Proof. Induction on cr. □ 



Exercises 

1. Show that all propositional tautologies are true in all structures (of the 
right similarity type). 

2. Let X ^ FV(ip). Show (i) ^ (ixip ^ ip) ^ 3x{ip — > ip), 

(ii) 1= {3xp Ip) - 1 ^ \/x{ip — >■ Ip), 

(iii) \= {ip ^ 3xip) <-!• 3x{ip ip), 

(iv) \= {ip ^ \/xip) \/x{ip ip). 

3. Show that the condition on FV{ip) in exercise 2 is necessary. 

4. Show ^ \/x3yip 3y\/xp. 

5. Show 1= 1= \/xp and |= 3xip. 

6. Show ^ 3xip \/xip. 

7. Show ^ 3xip A 3xip 3x{ip A ip). 

8. Show that the condition on a;, y in Theorem 2.5.6 is necessary. 



(*) 


h 


\/x{ip - 


-^ip) ^ 


(ixip 


'ixip) 


{ii) 


h 


{3xip - 


->■ 3xip) 


— >■ 3x{p 


0) 


{iii) 


h 


'^x{ip ^ Ip) ^ 


(ixip <-*■ 


^xip) 


{iv) 


h 


(plxip - 


->■ 3xip) 


<->■ 3x{p 


0) 


{v) 


h 


{3xip - 


Wxip) 


— >■ Vx(f^ 


^ 0) 



10. Show that the converses of exercise 9(i) - (iii) and (v) do not hold. 

11. Let L have a unary predicate P. Define the relativisation of a by 

:= a for atomic ip, 

{ipUiP)P := pPUipP, 

{^p^)P := 

(ixip)^ := Vx{P{x) — > ip^). 
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{3xLp)^ := 3a;(P(a;) A Lp^). 

Let 21 be a structure without functions and constants. Consider the struc- 
ture iB with universe P® and relations which are restrictions of the rela- 
tions of 21, where P® ^ 0. Show 21 |= *8 |= cr for sentences a. Why 

are only relations allowed in 21? 

12. Let S' be a binary predicate symbol. Show [= ^3yVa;(S(?/, a;) —‘S{x,x)). 

(Think of “y shaves x” and recall Russell’s barber’s paradox) . 

13. (i) Show that the “free for” conditions cannot be dropped from 2.5.8. 

(ii) Show \= t = s =>|= p>[t/x] ^ <p[s/x] . 

(iii) Show 1= '0 =>[= <-*■ cr['0/$] . 

14. Find prenex normal forms for 

(a) ^{{-^'ixip{x) V \/xij){x)) A (3xcr(x) ^ Vxr(x))), 

(b) Vx(/j(x) ^ 3x0(x), 

(c) -^{3xtf{x,y) A (Vy0(y) ^ <p{x.x)) 3x'iya{x,y)), 

(d) ((Vx<p(x) ^ 3y0(x,y)) ^ '0(x,x)) ^ 3x'iya{x,y). 

15. Show 1= 3x{lp{x) \/y(p{y)). (It is instructive to think of (fi{x) as ‘x 
drinks’). 



2.6 Identity 

We have limited ourselves in this book to the consideration of structures with 
identity, and hence of languages with identity . Therefore we classified “=’ 
as a logical symbol, rather than a mathematical one. We can, however, not 
treat = as just some binary predicate, since identity satisfies a number of 
characteristic axioms, listed below. 

11 Vx(x = x), 

1 2 Vxy(x = y ^ y = x), 

1 3 'ixyz(x = y/\y = z—*x = z), 

14 Vxi . ..XnVi ■ ..yni/^ Xi = y,^ t(xi, . . . ,x„) = t(yi, . . .,?/„)), 

i<n 

Vxi . ..XnVi ■ ..yni/^ Xi = yi^ {’p{xi,. . . ,x„) ^ tf{yi, . . .,?/„)))■ 

i<n 

One simply checks that Ii, 12 , 1 s are true, in all structures 21. For I 4 , ob- 
serve that we can suppose the formulas to be closed. Otherwise we add quan- 
tifiers for the remaining variables and add dummy identities, e.g. 

Vzi . . . ZkXi . . . XnVl ■ ■ ■ Vni/^ Xi = yi A Zk = Zk ^ t(xi, ...,Xn) = 

i<n i<k 

t{yi, . . . ,yn)). Now (t(ai, ...,a„))®‘ defines a function on |21|", obtained 
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from the given functions of 21 by various substitutions, hence ai = bi{i < n) ^ 
. . . ,an))^ = t(bi, . . . ,bn))^- This establishes the first part of I4. 

The second part is proved by induction on ip (using the first part): e.g. 
consider the universal quantifier case and let = bi for all i < n. 

i h 

2t 1= ai, . . . , a„) 21 )= :p(c, oi, . . . , a„) for all c 

21 \= ip{c,b\^ . . . ,bn) for all c 21 ^ . . . ,bn)- 

So 21 h (/X\ ^ 21 h oi, . . . , a„) ^ yuif{u, 61, . . . bn)) 

i<n 

This holds for all oi, . . a„, bi, . . bn, hence 21 |= Vxi, . . . XnUi ■ ■ - yn i/A Xi = 

i<n 

Vi 

(yuif{u, Xi,...,Xn) — > yuip{u, 2/1, , Vn))- 

Note that ip (respectively t), in I4 can be any formula (respectively term), 
so I4 stands for infinitely many axioms. We call such an “instant axiom” an 
axiom schema . 

The first three axioms state that identity is an equivalence relation. I4 
states that identity is a congruence with respect to all (definable) relations. 

It is important to realize that from the axioms alone, we cannot determine 
the precise nature of the interpreting relation. We explicitly adopt the con- 
vention that “=” will always be interpreted by real equality. 

Exercises 

1. Show 1= \/x3y{x = y). 

2. Show 1= \/x{ip{x) y^y{x = y /\ P’iy))) and 

^ \/x{p{x) <-> yy{x = y ^ ip{y))), where y does not occur in ip{x). 

3. Show that |= ip{t) ^ yx{x = t^ V’i^)) T a: ^ FV{t). 

4. Show that the conditions in exercises 2 and 3 are necessary. 

5. Consider cti = yx{x ~ x), a2 = yxy{x ~ y — > ?/ ~ a:), (T3 = yxyz{x ~ 
yAy~z— >x~2). Show that if 2t ^ cti A ct 2 A 0-3, where 21 = {A, R), 
then R is an equivalence relation. N.B. a; ~ y is a suggestive notation for 
the atom R[x, y). 

6. Let (T4 = yxyz{x ~yAa;~z^y~z). Show that cti, (T4 |= (T2 A 173. 

7. Consider the schema 0-5 : x ~ y — > {ip[x/z\ ip[y/z\). Show that 

O’!, 0-5 h 0-2 A 0-3. N.B. if cr is a schema, then A U {a} |= ip stands for 
A U A 1= yj, where E consists of all instances of a. 



8. Derive the term-version of I4 from the formula version. 



2.7 Examples 
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2.7 Examples 

We will consider languages for some familiar kinds of structures. Since all 
languages are built in the same way, we shall not list the logical symbols. All 
structures are supposed to satisfy the identity axioms I\ — li- 
For a refinement see 2.10.2. 

1. The language of identity. Type: ;0). 

Alphabet. 

Predicate symbol : = 

The structures of this type are of the form 21 = (A), and satisfy Ii,l 2 ,h. (In 
this language I 4 follows from Ii, 12 , 1 s, cf. 2.10 Exercise 5). 

In an identity structure there is so little “structure” , that all one can vir- 
tually do is look for the number of elements (cardinality) . There are sentences 
A,i and pn saying that there are at least (or at most) n elements (Exercise 3, 
section 3.1) 



So 2t ^ A„ A iff |2t| has exactly n elements. Since universes are not empty 
1= 3x{x = x) always holds. 

We can also formulate ''‘there exists a unique x such that . . .”. 

Definition 2.7.1 3\xip{x) := 3x{(p{x) f\yy{(p{y) x = y)), where y does not 
occur in ip{x). 

Note that 3\x(p{x) is an (informal) abbreviation. 

2. The language of partial order. Type: (2;— ;0). 

Alphabet. 

Predicate symbols : =, < . 

Abbreviations x ^ y := ^x = y, x < y := x < y A x ^ y, 



Definition 2.7.2 21 is a partially ordered set(poset) if ^ is a model of 




X > y := y < X, 
x<y<z:=x<yAy<z. 



X > y := y < X 



\/xyz{x < y < z ^ X < z), 
\/xy{x <y<x-^x = y). 
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The notation may be misleading, since one usually introduces the relation 
< (e.g. on the reals) as a disjunction: x < y or x = y. In our alphabet the 
relation is primitive, another symbol might have been preferable, but we chose 
to observe the tradition. Note that the relation is reflexive: x < x. 

Partially ordered sets are very basic in mathematics, they appear in many 
guises. It is often convenient to visualize posets by means of diagrams, where 
a < b is represented as equal or above (respectively to the right). One of the 
traditions in logic is to keep objects and their names apart. Thus we speak of 
function symbols which are interpreted by functions, etc. However, in practice 
this is a bit cumbersome. We prefer to use the same notation for the syntactic 
objects and their interpretations, e.g if 91 = (K, <)) is the partially ordered 
set of reals, then 91 |= yx3y{x < y), whereas it should be something like 
\/x3y(x<y) to distinguish the symbol from the relation. 

The “<’ in 91 stands for the actual relation and the ‘<’ in the sentence 
stands for the predicate symbol. The reader is urged to distinguish symbols 
in their various guises. 

We show some diagrams of posets. 




From the diagrams we can easily read off a number of properties. E.g. 
2li ^ 3x\/y{x < y)(J2ii is the structure with the diagram of figure i), i.e. 
2ti has a least element (a minimum). 2I3 ^ yx—^3y{x < y). i.e. in Sta no ele- 
ment is strictly less than another element. 



Definition 2.7.3 (i) 2t is a (linearly or totally) ordered set if it is a poset 

and 21 |= Wxy^x < y\/ y <x) (each two elements are comparable) . 

(a) 21 is densely ordered z/2l ^ \/xy{x < y — > 3z{x < z A z < y)) (between 
any two elements there is a third one). 

It is a moderately amusing exercise to find sentences that distinguish be- 
tween structures and vice versa. E.g. we can distinguish 2I3 and 2I4 (from 
the diagram above) as follows: in 2I4 there is precisely one element that is 
incomparable with all other elements, in 2I3 there are more such elements. 
Put cf{x) := Vy(y ^ x —>■ ^y < x A ~^x < y). Then 

214 1= yxy{a{x) A a{y) —>■ x = y), but 2I3 |= -A/xy{a{x) A a(y) x = y). 
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3. The language of groups. Type: (— 

Alphabet. 

Predicate symbol: = 

Function symbols: 

Constant symbol: e 

Notation: In order to conform with practice we write t ■ s and instead of 
•(t, s) and 



Definition 2.7.4 2t is a group if it is a model of 
yxyz{{x -y) ■ z = x-{y ■ z)), 
yx{x ■ e = X A e ■ X = x), 

Vx{x ■ x~^ = e A x~^ ■ X = e). 

When convenient, we will write ts for t.s; we will adopt the bracket conventions 
from algebra. A group 2t is commutative or abelian if 21 |= \/xy{xy = yx). 

Commutative groups are often described in the language of additive groups, 
which have the following alphabet: 

Predicate symbol: = 

Function symbols: +, - 
Constant symbol: 0 

4. The language of plane projective geometry. Type: (2; — ; 0) 

The structures one considers are projective planes, which are usually taken 
to consist of points and lines with an incidence relation. In this approach the 
type would be (1, 1,2; — ; 0). We can, however, use a more simple type, since 
a point can be defined as something that is incident with a line, and a line as 
something for which we can find a point which is incident with it. Of course 
this requires a non-symmetric incidence relation. 

We will now list the axioms, which deviate somewhat from the traditional 
set. It is a simple exercise to show that the system is equivalent to the standard 
sets. 

Alphabet. 

Predicate symbols: /, =. 

We introduce the following abbreviations: 
n{x) := 3y{xly), A{y) := 3x{xly). 

Definition 2.7.5 21 is a projective plane if it satisfies 

70 : yx{n{x) ^ ~^A{x)), 

7 1 : yxy{n{x) A II{y) — >■ 3z{xlz A ylz) 

72 : yuv{A{u) A A{v) — >■ 3x{xlu A xlv)), 

73 : yxyuv{xlu A ylu A xlv A ylv ~^x = yyu = v), 
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')4^:3xQXiX2X'3,UoUiU2U'3,{f^ xJui^ xJujA -^xjuj). 

j — i—l{mod3) j^i — l(mod3) 

i=Aj 

7o tells us that in a projective plane everything is either a point, or a line, 71 
and 72 tell us that “any two lines intersect in a point” and “ any two points 
can be joined by a line”, by 73 this point (or line) is unique if the given lines 
(or points) are distinct. Finally 74 makes projective planes non-trivial, in the 
sense that there are enough points and lines. 

iT® = {a S |2l||2l 1= n{a)} and = {b G |2t||2l \= A{b)} are the sets of 
points and lines of 21; I® is the incidence relation on 21. 

The above formalization is rather awkward. One usually employs a two- 
sorted formalism, with P,Q,R,... varying over points and i,m,n . . . varying 
over lines. The first axiom is then suppressed by convention. The remaining 
axioms become 

7) :yPQ 3 i{PHAQIi), 

7, : \/im 3 p\pii A PIm), 

73 : 'iPQim{PIi A QI£ A PIm A Qlm ^ P = Q \f £ = m), 

7; : 3 PoPiP 2 PMi 2 i:i PrUr A PiUj A ~^PJ£j). 

j — i—l{Tnod3) — 

The translation from one language to the other presents no difficulty. The 
above axioms are different from the ones usually given in the course in pro- 
jective geometry. We have chosen these particular axioms because they are 
easy to formulate and also because the so-called Duality principle follows im- 
mediately. (cf. 2.10, Exercise 8). The fourth axiom is an existence axiom, it 
merely says that certain things exist; it can be paraphrased diffently: there are 
four points no three of which are collinear (i.e. on a line). Such an existence 
axiom is merely a precaution to make sure that trivial models are excluded. 
In this particular case, one would not do much geometry if there was only one 
triangle! 

5. The language of rings with unity. Type: (— ;2,2,1;2) 

Alphabet. 

Predicate symbol: = 

Function symbols: -I-, — 

Constant symbols: 0, 1 



Definition 2.7.6 21 fs a ring (with unity) if it is a model of 

\/xyz{{x + y) + z = x+{y + z)), 

Vxy{x + y = y + x), 

Vxyz{{xy)z = x{yz)), 

\/xyz{x{y + z) = xy + xz), 
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\/xyz{{x + y)z = xz + yz), 

\/x{x + 0 = a;), 

\/x\x + (—a;) = 0), 

Va;(l • a; = a; A a; • 1 = a;), 

0^1 

A ring 2t is commutative «/2t |= \/xy{xy = yx). 

A ring ^ is a division ring if^\= Vx(a; ^ 0 ^ 3y(a;y = 1)). 

A commutative division ring is called a field . 

Actually it is more convenient to have an inverse-function symbol available 
in the language of fields, which therefore has type (— ; 2, 2, 1, 1; 2). 

Therefore we add to the above list the sentences 
yx{x yf 0 ^ a; • x~^ = 1 A x~^ • a; = 1) and 0“^ = 1. 

Note that we must somehow “fix the value of 0“^”, the reason will appear 
in 2.10, Exercise 2 . 

6. The language of arithmetic . Type (— ; 2, 2, 1; 1). 



Alphabet. 

Predicate symbol: = 

Function symbols: +,-,S 
Constant symbol: 0 

{S stands for the successor function ni-^ n+1). 

Historically, the language of arithmetic was introduced by Peano with the 
intention to describe the natural numbers with plus, times and successor up 
to an isomorphism. This in contrast to, e.g. the theory of groups, in which one 
tries to capture a large class of non-isomorphic structures. It has turned out, 
however, that Peano’s axioms characterise a large class of structures, which 
we will call (lacking a current term) Peano structures. Whenever confusion 
threatens we will use the official notation for the zero-symbol: 0, but mostly 
we will trust the good sense of the reader. 



Definition 2.7.7 A Peano structure 21 is a model of 
Vx(0 5(x)), 
yxy{S{x) = S{y) ^ x = y), 

Vx(a; -I- 0 = x), 

yxy{x + S{y) = S{x + y)), 

'ix{x -0 = 0), 

Wxy{x ■ S{y) =x-y + x), 

:p(0) A \/x{ip{x) ip{S[x))) \/xLp(x). 

The last axiom schema is called the induction schema or the principle of 
mathematical induction. 
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It will prove convenient to have some notation. We define: 

1 := S'(O), 2 := S'(l), and in general n + 1 := S{n), 

X < y := 3z{x + Sz = y), 

X < y := X < y \/ X = y. 

There is one particular Peano structure which is the intended model of arith- 
metic, namely the structure of the ordinary natural numbers, with the or- 
dinary addition, multiplication and successor (e.g. the finite ordinals in set 
theory) . We call this Peano structure the standard model 01, and the ordinary 
natural numbers are called the standard numbers. 

One easily checks that = n and ^ \= n <m ^ n < m: hy definition of 

interpretation we have 0^ = 0. Assume = n,n + = {S{n))‘^ = n^-|-l = 

n-|-l. We now apply mathematical induction in the meta-language, and obtain 
= n for all n. For the second claim see Exercise 13. In 01 we can define all 
kinds of sets, relations and numbers. To be precise we say that a k-ary relation 
i? in 01 is defined hy ip \i (oi, . . . , Ofc) € i? 01 |= p{oi , . . . , a^). An element 
a G |01| is defined in 01 by if 01 |= ip(b) 6 = a, or 01 [= \/x{tp{x) ^ x = a). 

Examples, (a) The set of even numbers is defined by E{x) := 3j/(a; = y + y). 
(b) The divisibility relation is defined by x\y := Bz(xz = y). (c) The set of 
prime numbers is defined by P{x) := \/yz{x = yz ^ y = 1\/ z = 1) A x ^ 1. 

We say that we have introduced predicates E, \ and P by (explicit) definition. 
7. The language of graphs. 

We usually think of graphs as geometric figures consisting of vertices and 
edges connecting certain of the vertices. A suitable language for the theory 
of graphs is obtained by introducing a predicate R which expresses the fact 
that two vertices are connected by an edge. Hence, we don’t need variables or 
constants for edges. 

Alphabet. 

Predicate symbols: R, = . 



Definition 2.7.8 A graph is a structure 21 = (A, R) satisfying the following 
axioms: \/xy{R{x,y) ^ R{y,x)) 

\/x^R{x, x) 

This definition is in accordance with the geometric tradition. There are ele- 
ments, called vertices, of which some are connected by edges. Note that two 
vertices are connected by at most one edge. Furthermore there is no (need for 
an) edge from a vertex to itself. This is geometrically inspired, however, from 
the point of view of the numerous applications of graphs it appears that more 
liberal notions are required. 
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Examples. 





We can also consider graphs in which the edges are directed. A directed graph 
21 = {A,R) satisfies only yx^R{x,x). 

Examples. 




If we drop the condition of irrefiexivity then a “graph” is just a set with a 
binary relation. We can generalize the notion even further, so that more edges 
may connect a pair of vertices. 

In order to treat those generalized graphs we consider a language with two 
unary predicates V, E and one ternary predicate C. Think of V (x) as “x is 
a vertex”. E{x) as “a; is an edge”, and C{x,z,y) as “z connects x and y”. 
A directed multigraph is a structure = (A, V, E, C) satisfying the following 
axioms: Va;(I^(a;) ^ ~^E{x)), 

\/xyz{C{x,z,y) V{x) AV{y) A E{z)). 

The edges can be seen as arrows. By adding the symmetry condition, 
yxyz{C{x, z,y) C{y,z,x)) one obtains plain multigraphs. 




Examples. 
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Remark: The nomenclature in graph theory is not very uniform. We have 
chosen our formal framework such that it lends itself to treatment in first-order 
logic. 

For the purpose of describing multigraphs a two-sorted language (cf. geom- 
etry) is well-suited. The reformulation is left to the reader. 

Exercises 

1. Consider the language of partial order. Define predicates for (a) x is the 
maximum] (6) x is maximal] (c) there is no element between x and y; 
(d) X is an immediate successor (respectively predecessor) of y; (e) z is the 
infimum of x and y. 

2. Give a sentence cr such that 2I2 1= cr and 214 |= (for 21* associated to 
the diagrams of p.84). 

3. Let 2li = (N, <) and 2I2 = (Z, <) be the ordered sets of natural, respec- 
tively integer, numbers. Give a sentence a such that 2li ^ cr and 2I2 |= ^cr. 
Do the same for 2I2 and *8 = (Q, <) (the ordered set of rationals). N.B. a is 
in the language of posets; in particular, you may not add extra constants, 
function symbols, etc., defined abbreviations are of course harmless. 

4. Let a = 3x'iy{x < y V y < x). Find posets 21 and 18 such that 21 |= cr and 
18 1= ^cr. 

5. Do the same for cr = yxy3z[{x < z A y < z) V {z < x A z < y)]. 

6. Using the language of identity structures give an (infinite) set F such that 
21 is a model of F iff 21 is infinite. 

7. Consider the language of groups. Define the properties: (a) x is idempo- 
tent; (b) x belongs to the centre. 

8. Let 21 be a ring, give a sentence cr such that 21 )= cr 21 is an integral 
domain (has no divisors of zero). 

9. Give a formula cr(a;) in the language of rings such that 21 |= cr(a) the 
principal ideal (a) is prime (in 21). 

10. Define in the language of arithmetic: (a) x and y are relatively prime; (b) 
x is the smallest prime greater than y; (c) x is the greatest number with 
2x < y. 
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11. a := Va;i . . . Xn^yi ■ ■ ■ ym<p and r := 3yi . . . j/mV' are sentences in a lan- 
guage without identity, function symbols and constants, where ip and 
are quantifier free. Show: \= a a holds in all structures with n elements. 
\= T T holds in all structures with 1 element. 

12. Monadic predicate calculus has only unary predicate symbols (no identity) . 

Consider 21 = {A, i?i, . . . , i?„) where all Ri are sets. Define a ^ b := a G 
Ri b G Ri for all i < n. Show that ~ is an equivalence relation and that 
~ has at most 2” equivalence classes. The equivalence class of a is denoted 
by [a]. Define B = Aj ~ and [a] G 5'i a G Ri,^ = {B, , Sn)- 

Show 21 1= cr *8 1= (T for all cr in the corresponding language. For such 
a show ^ (T 21 1= cr for all 21 with at most 2" elements. Using this fact, 
outline a decision procedure for truth in monadic predicate calculus. 

13. Let Tl be the standard model of arithmetic. Show Tl|=n<TO<^n<TO. 

14. Let 2t = (N, <) and 25 = (N, A), where n A m iff (i) n < to and n, m both 
even or both odd, or (ii) if n is even and to odd. Give a sentence cr such 
that 21 1= cr and £ \= 

15. If {A,R) is a projective plane, then {A,R) is also a projective plane {the 
dual plane), where R is the converse of the relation R. Formulated in 
the two sorted language: if {Ap,Al,I) is a projective plane, then so is 
{Al,Ap,I)). 
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We extend the system of section 1.5 to predicate logic. For reasons similar 
to the ones mentioned in section 1.5 we consider a language with connectives 
A, A and V. The existential quantifier is left out, but will be considered 
later. 

We adopt all the rules of propositional logic and we add 



wrJfiEh 

\/Xip{x) 



WI7 '^Xip{x) 



where in VI the variable x may not occur free in any hypothesis on which 
if{x) depends, i.e. an uncancelled hypothesis in the derivation of ip{x). In \/E 
we, of course, require t to be free for x. 



V/ has the following intuive explanation: if an arbitrary object x has the 
property ip, then every object has the property ip. The problem is that none of 
the objects we know in mathematics can be considered “arbitrary” . So instead 
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of looking for the “arbitrary object” in the real world (as far as mathemat- 
ics is concerned), let us try to find a syntactic criteria. Consider a variable 
X (or a constant) in a derivation, are there reasonable grouns for calling x 
“arbitrary” ? Here is a plausible suggestion: in the context of the derivations 
we shall call x arbitrary if nothing has been assumed concerning x. In more 
technical terms, x is arbitrary at its particular occurrence in a derivation if 
the part of the derivation above it contains no hypotheses containing x free. 

We will demonstrate the necessity of the above restrictions, keeping in 
mind that the system at least has to be sound, i.e. that derivable statements 
should be true. 

Restriction on V/ : [a: = 0] 

'ix{x = 0) 

X = 0 ^ Vx(x = 0) 

Vx(x = 0 ^ Vx(x = 0)) 

0 = 0^ Vx(x = 0) 

The V introduction at the first step was illegal. 

So h 0 = 0 — *■ Vx(x = 0), but clearly ^ 0 = 0 — > Vx(x = 0) (take any 
structure containing more than just 0). 

Restriction on Vif: [Vx^Vy(x = y)] 

-''^y{y = y) 

Vx^Vy(x = y)^ ^Vy(?/ = y) 

The V elimination at the first step was illegal. 

Note that y is not free for x in ~Ny{x = y). The derived sentence is clearly 
not true in structures with at least two elements. 

We now give some examples of derivations. We assume that the reader has 
by now enough experience in cancelling hypotheses, so that we will not longer 
indicate the cancellations by encircled numbers. 



[VxV?/v3(x, y)] 
'^y‘f{x,y) 
y^i.x,y) 
\/x(fi{x,y) 
yyyx{(fi{x,y) 



WE 



WE 

yi 



■ yi 



[Vx(f^(x) A '0(x))] [Vx(:/5(x) A ipix))] 



<p{x) A 'ip{x) 
<f{x) 



ip(x) A ipix) 

Hx) 



yxip{x) 



yxtfj{x) 



yxip{x) A Vx'0(x) 



yxyy(fi{x, y) yyyx(f{x, y) 



yx{ip Alp) ^ yx(fi A Vx'0 
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Let X ^ FV{(fi) 

[Wx{ip V'(a;))] 
ip tlj{x) 



WE 



[<^] 



'0(x) 

\/xtp{x) 



V/ 



p —>■ Va;'0(a;) 



E 



\/x{p i’ix)) —>■ (p —>■ Va;('0(a;)) 



\/xp 



V/ 



[Va;;/?] 



yE 



p yxp 



In the righthand derivation VI is allowed, since x ^ FV{p), and Vi? is ap- 
plicable. 

Note that V/ in the bottom left derivation is allowed because x ^ FV{p), 
for at that stage p is still (part of) a hypothesis. 

The reader will have grasped the technique behind the quantifier rules: re- 
duce a yxp to p and reintroduce V later, if necessary. Intuitively, one makes the 
following step: to show “ for all x ... x ... ” it suffices to show “. . . x . . . ” for an 
arbitrary x. The latter statement is easier to handle. Without going into fine 
philosophical distinctions, we note that the distinction “for all x ... x ...” - 
“for an arbitrary x ... x ... ” is embodied in our system by means of the 
distinction, “quantified statement” - “ free variable statement” . 

The reader will also have observed that under a reasonable derivation strat- 
egy, roughly speaking, elimination precedes introduction. There is a sound 
explanation for this phenomenon, its proper treatment belongs to proof theory, 
where normal derivations (derivations without superfluous steps) are consid- 
ered. See Ch. 6. For the moment the reader may accept the above mentioned 
fact as a convenient rule of thumb. 

We can formulate the derivability properties of the universal quantifier in 
terms of the relation h: 

F h p{x) F \- yxp{x) if X ^ FV {if) for all if G F 
F h yxp{x) => T h p{t) if t is free for x in p. 

The above implications follow directly from (V/) and (Vi?). 

Our next goal is the correctness of the system of natural deduction for 
predicate logic. We first extend the definition of \=. 
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Definition 2.8.1 Let F he a set of formulae and let ■ ■ ■} = 

\j{FV {ip)\ip € FU{cr}}. If a is a sequence (ai, 02 , ■ ■ ■) of elements (repetitions 
allowed) of |2l|, then F(a) is obtained from F by replacing simultaneously in 
all formulas of F the Xi^ by a,j{j > 1) (for F = {-ip} we write '0(a)). We now 
define 

(i) 21 \= F{a) if ^\= ^|; for all 0 € r{a) 

(a) F \= a i/ 21 1= F{a) ^ 21 0= cr(a) for all 2t,a. 



In case only sentences are involved, the definition can be simplified: 
r 1= cr if 21 h ^ ^ 21 h for all 21. 

If F = 0, we write |= a. 

We can paraphrase this definition as : F ^ cr, if for all structures 21 and all 
choices of a, a{a) is true in 21 if all hypotheses of F{a) are true in 21. 

Now we can formulate 

Lemma 2.8.2 (Soundness) F \- a ^ F \= a . 

Proof. By definition of L h cr is suffices to show that for each derivation V 
with hypothesis set F and conclusion a F \= a. We use induction on V (cf. 
1.5.1 and exercise 2). 

Since we have cast our definition of satisfaction in terms of valuations, 
which evidently contains the propositional logic as a special case, we can copy 
the cases of (1) the one element derivation, (2) the derivations with a propo- 
sitional rule at last step, from Lemma 1.6.1 (please check this claim). 

So we have to treat derivations with (V/) or (VE) as the final step. 

(V/) V T> has its hypotheses in F and x is not free in F. 

(p{x) Induction hypothesis: F |= ip{x), i.e. 21 |= L(a) 
yxip{x) 21 1= (</3(a;))(a) for all 21 and all a. 

It is no restriction to suppose that x is the first of the free variables involved 
(why?). So we can substitute oi for x in ip. Put a = (oi,a').Now we have: 
for all Oi and a' = ( 02 , . . .) 21 |= P(a') 21 ^ :/j(^)(a'), so 

for all a' 21 1= F{a') (21 ^ (:/j(ai))(a') for all a \ , so 

for all a' 21 ^ r\a') 21 |= (Va;:/9(a:))(a'). 

This shows F \= \/x<p{x). (Note that in this proof we used Va;((T — > t{x)) — > 
(cr — > \/xt(x)), where x ^ FV{a), in the metalanguage. Of course we may use 
sound principles on the metalevel). 

(Vi?) T> Induction hypothesis: F ^ yx(p{x), 

'ixip{x) i.e. 21 \= F{a) 21 [= (Va;:/3(a:))(a), 

(fi{t) for all a and 21. 
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So let 21 1= r(a), then 21 |= (f(b){a) for all b G |2l|. In particular we may 
take t[a/z] for b, where we slightly abuse the notation; since there are finitely 
many variables zi, . . . , we only need finitely many of the a^’s, and we con- 
sider it therefore an ordinary simultaneous substitution. 

21 1= ((^[a/z])[t[a/z]/a;], hence by Lemma 2.5.4, 21 ^ {ip\t / x])[a/ x], or 21 |= 
((p(t))(a). □ 

Having established the soundness of our system, we can easily get non- 
derivability results. 

Examples. 

1 . x3inp ^ ^y'i xip . 

Take 21 = ({0, 1}, {(0, 1), (1, 0)}) (type (2;— ;0)) and consider 
p := P{x,y), the predicate interpreted in 21. 

21 1= yx3yP{x,y), since for 0 we have (0,1) G P and for I we have 

(1.0) GP. 

But, 21 ^ 3yyxP{x,y), since for 0 we have (0,0) ^ P and for 1 we have 

(1.1) ^P. 

2. \/xp{x,x),\/xy{p{x,y) p{y,x))) \/ yxyz{p{x,y) A p{y,z) p(x,z)). 

Consider *8 = (K, P) with P = {(a, 6) | |a — 5| < 1}. 



Although variables and constants are basically different, they share some 
properties. Both constants and free variables may be introduced in deriva- 
tions through VP, but only free variables can be subjected to VI, - that is 
free variables can disappear in derivations by other than propositional means. 
It follows that a variable can take the place of a constant in a derivation but 
in general not vice versa. We make this precise as follows. 



Theorem 2.8.3 Let x he a variable not occurring in P or p. 

(i) P \- p ^ r[x/c\ h p[x/c\. 

(ii) If c does not occur in P, then P h p{c) P h Vxp(x). 

Proof, (ii) follows immediately from (i) by VI. (i) Induction on the derivation 
of P \- p. Left to the reader. □ 

Observe that the result is rather obvious, changing c to a; is just as harm- 
less as colouring c red — the derivation remains intact. 



Exercises 

1. Show: (i)h Vx{p{x) ipix)) (Vxp{x) Vxip{x)), 

(ii) h Vxp{x) — >■ -Nx^p{x), 

(iii) l- Vxp{x) Vzp{z) if z does not occur in p{x), 
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(iv) h yx'iyifiix, y) 'iy'ixy}{x, y), 

(v) h \/x'iyip{x, y) yx(p{x, x), 

(vi) h yx{(fi{x) A tp{^)) ^ yxip{x) A yxtf}{x), 

(vii) h yx{ip '0(a;)) {ip ^ \/ xijj{x)) , where x ^ FV{<p). 

2. Extend the definition of derivation to the present system (cf. 1.4.1). 



3. Show (s(t)[a/a;])^ = (s((t[a/a;])®)[a/ 2 ;])^. 

4. Show the inverse implications of 2.8.3. 

5. Assign to each atom P(ti, . . . ,tn) a proposition symbol, denoted by P. 
Now define a translation f from the language of predicate logic into the 
language of propositional logic by 

P{ti, . . . ,tn)Y ■= P and _L'f:=_L 

:= 

:= 

Show P \- ip ^ P"^ p\ where stands for “derivable without using 
(V/) or (VE)” (does the converse hold?) 

Conclude the consistency of predicate logic. 

Show that predicate logic is conservative over propositional logic (cf. def- 
inition 3.1.5). 



2.9 Adding the Existential Quantifier 



Let us introduce 3xp as an abbreviation for Pix~'p (Theorem 2.5.1 tells us 
that there is a good reason for doing so). We can prove the following: 



Lemma 2.9.1 (i) (^(t) h 3xp{x) (t free for x in p) 

{a) P, p{x) \- ij: ^ P, 3xp{x) h if 

if X is not free in if or any formula of P. 



Proof, (i) 



[ix^pix)] 



^p{t) p{t) 

_L 

> I 



so p{t) h 3xp{x) 



Nx^p{x) 
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(ii) 



[^p{x)\ 

V 

Ip 




-<yx^(p{x) \/x-^(p{x) 



1 

-RAA 

tP 



□ 



Explanation. The subderivation top left is the given one; its hypotheses are 
in r U {ip{x)} (only ip{x) is shown). Since ip{x) (that is, all occurrences of it) 
is cancelled and x does not occur free in E or ip, we may apply V/. From the 
derivation we conclude that E, 3xip{x) h 'ip. 

We can compress the last derivation into an elimination rule for 3: 

[<7>] 

3xip{x) 'ip 
iP 

with the conditions: x is not free in ip, or in a hypothesis of the subderivation 
of Ip, other than ip{x). 

This is easily seen to be correct since we can always fill in the missing 
details, as shown in the preceding derivation. 



<f{t) 

By (i) we also have an introduction rule: 3/ for t free for x in ip. 

3a; ifi{x) 



Examples of derivations. 

[Va;(:/?(a:) ^ tp)]^ 



ip{x) -ip 



WE 



[ipix)]^ 



iP 



E 



iP 



3E-I 



\3xip{x)Y 



X ^ FV (tp) 
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3xifi{x) 



3xtp{x) 



[< 4 i{x) V V>(a;)]^ 3xip(x) V 3x'il){x) 3xip{x) V 3x'4>{x) 



[3x{ip{x) V i){x))f 



3x(p{x) V 3xip{x) 



VEi 



3x(p{x) V 3xtp{x) 



■3E2 



> E 

3x{(fi{x) V ■0(a;)) — > 3xifi{x) V 3xi/’(®) 

We will also sketch the alternative approach, that of enriching the language. 



Theorem 2.9.2 Consider predicate logic with the full language and rules for 
all connectives, then h 3x(p{x) <-> -tix^ip{x). 

Proof. Compare 1.6.3. □ 



It is time now to state the rules for V and 3 with more precision. We want 
to allow substitution of terms for some occurrences of the quantified variable 
in (Vif) and (3if). The following example motivates this. 



yx(x = x) 

— -yE 

X = X 

3/ 

3y{x = y)) 



The result would not be derivable if we could only make substitutions for all 
occurrences at the same time. Yet, the result is evidently true. 

The proper formulation of the rules now is: 



VJ 



yxip 



yE 



yx(fi 

(p[t/x] 



[<^] 



(p[t/^ 

3x(fi 

with the appropriate restrictions. 



Ip 



Exercises 

1. h 3x{(f{x) A '0) <-> 3xip{x) f\ip li X ^ FV{tlj), 

2. h yx((p(x) V 0) <-> yx<p(x) V Ip if X ^ Fv\ip), 

3. h yx(p{x) —i3x^ip{x), 

4. I — iyxip{x) <->■ 3x^ip{x), 
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5. I — •3xip{x) <->■ Va;-u^(a;), 

6. h 3x{ip{x) ^ 'ip) {\/xip{x) ip) ii X ^ FV{ip), 

7. h 3a;(<p ^ ’fp{x)) ^ ^ 3xip(x)) if x ^ FV(ip) , 

8. h BxByip ^ BpBxifi, 

9. h Bxip ^ tp if X pP FV{ip). 



2.10 Natural Deduction and Identity 

We will give rules, corresponding to the axioms Ii — I 4 of section 2.6. 

RIi 

X = X 



x = y 



RI2 



y = x 



x=y y=z 



X = z 



RI3 



— 2/lj • • ■ 5 — Vn 



■RI4 



t(a;i, ...,Xn)= t{yi, ...,yn) 

Xi=yi,...,Xn=yn (p{xi,...,Xn) 
ip{yi,...,yn) 



RI4 



where j/i, . . . , t/n are free for Xi, . . . ,Xn in ip. Note that we want to allow sub- 
stitution of the variable yi (i < n) for some and not necessarily all occurrences 
of the variable Xi. We can express this by formulating RI 4 in the precise terms 
of the simultaneous substitution operator: 



— 2/I7 • • • 7 — Vn 



t [xi , . . . , Xn /-2^1 j • • ■ j '2^n] — ^[|/l 5 ■ ■ ■ 5 Vnl 5 • ■ ■ 5 ^ri\ 
Xi=yi,...,Xn=yn P[xij- ■ ..Xnjzi, . . . , Zn] 



Example. 



y^[yi,---,yn/z4,...,Zn] 

X = y x^ +y^ > 12x 
2 y'^ > 12a; 

X = y x^ +y^ > \2x 



x^ + y^ > I 2 y 
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X = y +y^ > 12x 
2y^ > 12y 

The above are three legitimate applications of i ?/4 having three different con- 
clusions. 

The rule Rl\ has no hypotheses, which may seem surprising, but which 
certainly is not forbidden. 

The rules have many hypotheses, as a consequence the derivation trees 
can look a bit more complicated. Of course one can get all the benefits from 
i ?/4 by a restricted rule, allowing only one substitution at the time. 



Lemma 2.10.1 h /or i = 1, 2, 3, 4. 

Proof. Immediate. □ 

We can weaken the rules RI 4 slightly by considering only the simplest 
terms and formulae. 



Lemma 2.10.2 Let L be of type (ri, . . . , r„; oi, . . . , am] k). If the rules 
Xi=yi,.--,Xri=yn Pi{xi,...,Xn) 






■ for all i < n 



and 



Xi =yi,.. -,Xaj = yaj 

fj{xi,...,Xa^) = fj{yi,...,yaj) 



for all j < m 



are given, then the rules RI 4 are derivable. 



Proof. We consider a special case. Let L have one binary predicate symbol 
and one unary function symbol. 



(i) We show x = y \~ t{x) = t{y) by induction on t. 

(a) t(x) is a variable or a constant. Immediate. 

(b) t{x) = f{s{x)). Induction hypothesis: x = y \~ s{x) 

[x = y] 



fix) = f{y) 

\/xy{x = y^ fix) -- 
s(a;) = s{y) fis{x)) 



V/ 2x 



fjy)) 

-- fisiy)) 



siy) 



fisix)) = fisiy)) 



x = y 
V 

s(a;) = s{y) 
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This shows x = y\~ f{s{x)) = f{s{y)). 

(ii) We show x = y, (fi{x) h ip{y) 

(a) ip is atomic, then ip = P(t,s). t and s may (in this example) contain 
at most one variable each. So it suffices to consider 
xi = yi,X2 = y2,P{t{xi,X2),s{xi,X2)) b P{t{yi,y2),s{yi,y2)), 
{i.e.P(t[xi,X2/zi,Z2\, ■ ■ .). 

Now we get, by applying — > E twice, from 



'^xiX 2 yiy 2 {xi = X 2 ^ (x 2 =V 2 ^ {P(xi,X 2 ) = P{yi,y 2 )))) 

s(a;i,a;2) = s(yi,?/2) ^ {t{xi,X2) = t{yi,y2) {P{sx,ta:) = P{sy,ty))) 

and the following two instances of (i) 



[xi = yi] [X2 = y2] [P{Xi,X2)] 



P{yuy2) 



I 3x 



Xi=X2^ (x2 = 2/2 ^ (P(a;i,a;2) = P(yi,y2))) 



Xi = 2/1 X 2 = 2/2 

V 

s(a;i,a;2) = s(2/i.//2) 



and 



t{xi,X2) = t{yi,y2) 



Xl = 2/1 X 2 = 2/2 

V 



the required result, {P{sx,tx) = P{sy,ty)). 



So Xl = yi,X 2 = 2/2 b P{Sx,tx) P{Sy,ty) 

where Sx = s{xi,X 2 ), Sy = s(2/i,2/2) 



tx = t{xi,X2), ty = f(2/l,2/2). 



(b) ip = a ^ T. 



Induction hypotheses: x = y, a{y) b a{x) 

x = y, t{x) b T{y) 

x = y W{y)] 



V 

a{x) a{x) 




x = y 



V 

x{y) 



<x{y) r{y) 
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So x = y, a{x) t{x) h a{y) 

(c) ip = a At, left to the reader. 

(d) (fi = \/z4’{z, x) 

Induction hypothesis: x = y,%l}{z,x) h ip{z,y) 

\fztp{z, x) 
t/j{z,x) x = y 

V 

Mz%l}{z,y) 



So X = y, Vz'0(z, x) h \/z4’{z,y). 

This establishes, by induction, the general rule. □ 

Exercises 

1. Show that Va;(x = x),\/xyz{x = yAz = y^x = z)\~ I 2 A I 3 (using 
predicate logic only). 

2. Show h 3x(t = x) for any term t. Explain why all functions in a structure 
are total (i.e. defined for all arguments); what is 0“^? 

3. Show h \/z{z = x^z = y)^x = y. 

4. Show h 'ixyz(x ^ y ^ x ^ z\/ y ^ z'). 

5. Show that in the language of identity /i,/ 2,/3 h Ia- 

6. Show \/x{x = ay X = by X = c) \- yxip{x) (^^(a) A ip{b) A ip{c)), where 
a, b, c, are constants. 

7. Show (i) yxy{f{x) = f{y) ^ x = y), yxy{g{x) = g{y) ^ x = y) \~ 

\/xy{f{g{x)) = f{g{y)) x = y), 

{ii)yy3xij{x) = y),\/y3x{g{x) = y) \~ \/y3x{f{g{x)) = y). 

Which properties are expressed by this exercise? 

8. Prove the following Duality Principle for projective geometry (cf. defini- 
tion 2.7.5): If r h If then also P \~ ip‘^, where P is the set of axioms of 
projective geometry and ip'^ is obtained from p by replacing each atom 
xly by ylx. (Hint: check the effect of the translation d on the derivation 
of p from r). 
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Completeness and Applications 



3.1 The Completeness Theorem 

Just as in the case of propositional logic we shall show that ‘derivability’ and 
‘semantical consequence’ coincide. We will do quite a bit of work before we 
get to the theorem. Although the proof of the completeness theorem is not 
harder than, say, some proofs in analysis, we would advise the reader to read 
the statement of the theorem and to skip the proof at the first reading and to 
return to it later. It is more instructive to go to the applications and it will 
probably give the reader a better feeling for the subject. 

The main tool in this chapter is the 

Lemma 3.1.1 (Model Existence Lemma) If F is a consistent set of sen- 
tences, then r has a model. 

A sharper version is 

Lemma 3.1.2 Let L have cardinality k. If F is a consistent set of sentences, 
then F has a model of cardinality < k. 

From 3.1.1 we immediately deduce Godel’s 

Theorem 3.1.3 (Completeness Theorem) F \- ip ^ F \= ip. 

We will now go through all the steps of the proof of the completeness the- 
orem. In this section we will consider sentences, unless we specifically mention 
non-closed formulas. Furthermore ‘h’ will stand for ‘derivability in predicate 
logic with identity’. 

Just as in the case of propositional logic we have to construct a model and 
the only thing we have is our consistent theory. This construction is a kind of 
Baron von Miinchhausen trick; we have to pull ourselves (or rather, a model) 
out of the quicksand of syntax and proof rules. The most plausible idea is to 
make a universe out of the closed terms and to define relations as the sets of 
(tuples of) terms in the atoms of the theory. There are basically two things 
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we have to take care of: (i) if the theory tells us that 3x<f(x), then the model 
has to make 3xip(x) true, and so it has to exhibit an element (which is in this 
case a closed term t) such that (p{t) is true. This means that the theory has 
to prove ip{t) for a suitable closed term t. This problem is solved in so-called 
Henkin theories, (ii) A model has to decide sentences, i.e. it has to say cr or 
for each sentence cr. As in propositional logic, this is handled by maximal 
consistent theories. 



Definition 3.1.4 (i) A theory T is a collection of sentences with the 
property T \- ip ^ ip G T (a theory is closed under derivability) . 

(u) A set r such that T = {p\F h p\ is called an axiom set of the theory T. 
The elements of T are called axioms. 

(Hi) T is called a Henkin theory if for each sentence 3xp{x) there is a constant 
c such that 3xp(x) —> p{c) € T (such a c is called a witness for 3xp{x)). 

Note that T = {cr|T h cr} is a theory. For, \i T \- p, then cri, . . . , crfc h p 
for certain ai with T \- at. 

Vi T >2 ■ ■ ■ T>i^ From the derivations!?! , . . . , of T h ct! , ... , 
ai (72 ... CTfe F h cTfc and T> of ai, ... ,ak p & derivation 
T> of F h is obtained, as indicated. 

T 

Definition 3.1.5 Let T and T' he theories in the languages L and L' . 

(i) T' is an extension of T ifTf-T', 

(ii) T' is a conservative extension ofT if T' C] L = T (i.e. all theorems of 
T' in the language L are already theorems of T ). 

Example of a conservative extension: Consider propositional logic P' in 
the language L with — > , A , T , , ^. Then exercise 2, section 1.6, tells us 

that P' is conservative over P. 

Our first task is the construction of Henkin extensions of a given theory 
T, that is to say: extensions of T which are Henkin theories. 



Definition 3.1.6 Let T he a theory with language L. The language L* is 
obtained from L by adding a constant c^p for each sentence of the form 3xp{x), 
a constant c^p . T* is the theory with axiom set 
TU {3xp{x) — r p{cip)\ 3xp{x) closed, with witness c,^}. 



Lemma 3.1.7 T* is conservative over T. 

Proof, (a) Let 3xp{x) — > p{c) be one of the new axioms. Suppose F, 3xp{x) — > 
p{c) h Ip, where ip does not contain c and where F is a set of sentences, none 
of which contains the constant c. We show P \- ip in a, number of steps. 
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1. r \- (3xip{x) V'j 

2. r \- (3xif{x) —>■ <^(j/)) —>■ 'i/’j where j/ is a variable that does not occur in 
the associated derivation. 2 follows from 1 by Theorem 2.8.3. 

3. T h yy[{3xip{x) ‘fiiy)) '</’]■ This application of (V/) is correct, since c 
did not occur in F. 

4. T h 3y{3x(fi{x) ‘f{y)) i’, (cf. example of section 2.9). 

5. r \- {3x(f{x) 3yip{y)) ijj, (section 2.9 exercise 7). 

6. h 3x^p{x) 3yLp{y). 

7. T h i/), (from 5,6). 

(b) Let T* \- 'll) for a, 'ip € L. By the definition of derivability T U 
{(Ti, . . . , cr„} h Ip, where the cr^ are the new axioms of the form 3xip{x) 
(/j(c). We show T \- tp hy induction on n. For n = 0 we are done. Let 
T U {(Ti, . . . ,(T„+i} h tp. Put r' = r U {(Ti, . . . , an}, then T' , an+i F tp 
and we may apply (a). Hence T U {cti, . . . , cr„} h tp. Now by induction 
hypothesis T \- tp. □ 

Although we have added a large number of witnesses to T, there is no 
evidence that T* is a Henkin theory, since by enriching the language we also 
add new existential statements 3xt{x) which may not have witnesses. In order 
to overcome this difficulty we iterate the above process countably many times. 



Lemma 3.1.8 Define Tq := T;Tn+i := (Tn)*; := U{T„|n > 0}. Then 

is a Henkin theory and it is conservative over T. 

Proof. Call the language of T„ (resp. Ti^) Ln (resp. L^^). 

(i) Tn is conservative over T. Induction on n. 

(ii) T^ is a theory. Suppose T^ h a, then ipQ,...,ipn F a for certain 
(po,...,(fn € T^. For each i < n ipi G T^^ for some uii. Let m = 
max{mi\i < n}. Since Tk C Tk+i for all k, we have C Tm{i < n). 
Therefore F cr. T^ is (by definition) a theory, so <t S T^ C T^. 

(iii) T^ is a Henkin theory. Let 3xtp{x) G then 3xtp{x) G for some n. 
By definition 3xtp{x) ip{c) G Tn+i for a certain c. So 3x(p(x) -s- <p(c) G 
7L. 

(iv) T^ is conservative over T . Observe that F cr if F tr for some n and 

apply (i). □ 

As a corollary we get: T^ is consistent if T is so. For suppose T^ in- 
consistent, then T^ FT. As is conservative over T (and Te L) T FT. 
Contradiction. 

Our next step is to extend T^ as far as possible, just as we did in propo- 
sitional logic (1.5.7). We state a general principle: 



Lemma 3.1.9 (Lindenbaum) Each consistent theory is contained in a max- 
imally consistent theory. 



106 3 Completeness and Applications 



Proof. We give a straightforward application of Zorn’s Lemma. Let T be consis- 
tent. Consider the set A of all consistent extensions T' of T, partially ordered 
by inclusion. Claim: A has a maximal element. 

1. Each chain in A has an upper bound. Let {Ti\i C /} be a chain. Then 
T' = UTi is a consistent extension of T containing all Tfs (Exercise 2). 
So T' is an upper bound. 

2. Therefore A has a maximal element Tm (Zorn’s lemma). 

3. Tm is a maximally consistent extension of T . We only have to show: Tm C 

T' and T' G A, then Tm = T' . But this is trivial as Tm is maximal in the 
sense of C. Conclusion: T is contained in the maximally consistent theory 
T □ 

Note that in general T has many maximally consistent extensions. The 
above existence is far from unique (as a matter of fact the proof of its existence 
essentially uses the axiom of choice). Note, however, that if the language is 
countable, one can mimick the proof of 1.5.7 and dispense with Zorn’s Lemma. 

We now combine the construction of a Henkin extension with a maximally 
consistent extension. Fortunately the property of being a Henkin theory is 
preserved under taking a maximally consistent extension. For, the language 
remains fixed, so if for an existential statement 3x^p{x) there is a witness c 
such that 3x(p{x) (p(c) G T, then trivially, 3x(p(x) —>■ (p(c) G Tm. Hence 



Lemma 3.1.10 An extension of a Henkin theory with the same language is 
again a Henkin theory. 

We now get to the proof of our main result. 



Lemma 3.1.11 (Model Existence Lemma) IfT is consistent, then T has 
a model. 

Proof. Let T = {a\P h a} be the theory given by T. Any model of T is, of 
course, a model of T. 

Let Tm be a maximally consistent Henkin extension of T (which exists by 
the preceding lemmas), with language Lm. 

We will construct a model of Tm using Tm itself. At this point the reader 
should realize that a language is, after all, a set, that is a set of strings of 
symbols. So, we will exploit this set to build the universe of a suitable model. 

1. A = {t G Lm\t is closed}. 

2. For each function symbol / we define a function / : ^ A by 

f{ti,...,tk) := f{ti,...,tkf 

3. For each predicate symbol P we define a relation P C A^’ by {t\, . . . ,tp) G 
P Tm\- P{ti, . . . ,tp). 

4. For each constant symbol c we define a constant c := c. 
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Although it looks as if we have created the required model, we have to 
improve the result, because ’=’ is not interpreted as the real equality. We can 
only assert that 

(a) The relation t ~ s defined by \~ t = s for t, s S A is an equivalence 

relation. By lemma 2.10.1, are theorems of T^, so Tm b Va;(a; = x), 

and hence (by WE) Tm h t = t, or f ~ f. Symmetry and transitivity follow in 
the same way. 

(b) ~ Sj (z ^ p'j and (ti , . . . , tp^ ^ P (si , . . . , Sp) € P . 

U ~ Si{i <k)^ /(ii, • . . ,tfc) ~ /(si, . . . , Sfc) for all symbols P and /. 

The proof is simple: use Tm b li (Lemma 2.10.1). 

Once we have an equivalence relation, which, moreover, is a congruence 
with respect to the basic relations and functions, it is natural to introduce the 
quotient structure. 

Denote the equivalence class of t under ~ by [t]. 

Define a := (A/ A, . . . , A,/i, • • • ,/m,{cA b /}),where 

A := {([ti],..., AJ)J(ti,...,tn) G A} 

Ci := [cA 

One has to show that the relations and functions on A/ ~ are well-defined, 
but that is taken care of by (b) above. 

Closed terms lead a kind of double life. On the one hand they are syn- 
tactical objects, on the other hand they are the stuff that elements of the 
universe are made from. The two things are related by = \i\ . This is shown 
by induction on t. 

(i) t = c, then = c = [c] = [t], 

(ii) t = then =' /([ti], . . . , [tfe]) 

= [/At--- A fc)] = [/(ii,--- Afc)]- 

Furthermore we have a |= <p{t) a |= <p{[t]), by the above and by Exercise 
6 section 2.4. 

Claim, a 1= p{t) Tm b p{t) for all sentences in the language Lm of Tm 
which, by the way, is also L(a), since each element of A/ ~ has a name in 
Lm- We prove the claim by induction on ip. 

(i) p is atomic, a [= P(ti, . . . ,tp) ^ (tf, ([ti], . . . , [tp]) e P ^ 

(ti, . . . , tp) £ P ^ Tm b P{ti, . . . ,tp). The case p =T is trivial. 

(ii) p = a f\T . Trivial. 

(iii) p = a ^ T. We recall that, by lemma 1.5.9 Tm b cr ^ r (Tm b 
O' Tm b t). Note that we can copy this result, since its proof only uses 
propositional logic, and hence remains correct in predicate logic. 

%\= P — >r<t^(a|=(T=^a|=T) (Tm b (T Tm b t) Tm b O' — > T. 

(iv) p = \/xtjj(^x). a \= \/x'ijj(^x) a ^ 3x-itjj(^x) a ^ ->ijj(a), for all 
a G |a| for all a G |a|(a |= ip(ji)). Assuming a |= \/x4’(,x), we get in 
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particular 21 \= ip{c) for the witness c belonging to 3x-itp{x). By induc- 
tion hypothesis: \~ 4’{c). Tm b 3x^%l}{x) “’'0(c), so Tm b ■!/;(c) — > 

Hence Tm b \lxip{x). 

Conversely: Tm b yxijj{x) => Tm b so Tm b for all closed t, 

and therefore by induction hypothesis, 21 |= '0(f) for all closed t. Hence 
21 1= yx4>{x). 

Now we see that 21 is a model of T, as T C Tm- Q 

The model constructed above goes by various names, it is sometimes called 
the canonical model or the (closed) term model. In logic programming the set 
of closed terms of any language is called the Herbrand universe or - domain 
and the canonical model is called the Herbrand model. 

In order to get an estimation of the cardinality of the model we have to 
compute the number of closed terms in Lm ■ As we did not change the language 
going from T^ to Tm , we can look at the language . We will indicate how to 
get the required cardinalities, given the alphabet of the original language L. 
We will use the axiom of choice freely, in particular in the form of absorption 
laws (i.e. n + \ = hl - \ = max{K,X) for infinite cardinals). Say L has type 



1. Define 

TERMq := {ci\i € /} U {xj\j € N} 

TERMn+l ■= TERMn U < TO, 

tk G TERMn for k < aj}. 

Then TERM = \J{TERMn\n G N} (Exercise 5) 

\TERMq\ = TOaa;(«:, Ho) = fi. 

Suppose \TERMn\ = Then 

\{fj{tim..,taj)\tim..,taj G TERMn}\ = \TERMn\‘^^ = = fj.. So 

\TERMn+i \ = + . . . + (to - 1-1 times) = iv. 

Finally \TERM\ = ^ \TERMn\ = Hq • /i = M- 

n^N 

2. Define 

FORMo := {Pi{ti,...,tn\i <n,tkG TERM}U {±} 

FORMn+i := FORMn U {ipUi( | □ S {A, ^}, G FORMn} 
\J\)ixiLp\i G N,ip G FORMn}. 

Then FORM = (]{FORMn\n G N} (Exercise 5) 

As in 1. one shows \FORM\ = fi. 

3. The set of sentences of the form 3x(p{x) has cardinality jj.. It trivially is 
< fi. Consider A = {3a; (a;o = Ci)\ G I}. Clearly |H| = k • Hq = Hence 
the cardinality of the existential statements is /i. 

4. Li has the constant symbols of L, plus the witnesses. By 3 the cardinality 
of the set of constant symbols is fv. Using 1 and 2 we find Lq has n terms 
and ^ formulas. By induction on n each L„ has ^ terms and /i formulas. 
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Therefore Li^ has Hq • /r = ^ terms and formulas. L^i is also the language 
ofT^. 

5. has at most fx closed terms. Since L\ has fx witnesses, has at least 
and hence exactly /i closed terms. 

6. The set of closed terms has < /r equivalence classes under so ||2l|| < /i. 

All this adds up to the strengthened version of the Model Existence 
Lemma: 



Lemma 3.1.12 F is consistent F has a model of cardinality at most the 
cardinality of the language. 

Note the following facts: 

-If L has finitely many constants, then L is countable. 

-If L has K > Ho constants, then \L\ = n. 

The completeness theorem for predicate logic raises the same question as 
the completeness theorem for propositional logic: can we effectively find a 
derivation oi (p \s ip is true? The problem is that we don’t have much to go on; 
p is true in all structures (of the right similarity type). Even though (in the 
case of a countable language) we can restrict ourselves to countable structures, 
the fact that p is true in all those structures does not give the combinator- 
ial information, necessary to construct a derivation for p. The matter is at 
this stage beyond us. A treatment of the problem belongs to proof theory; 
Gentzen’s sequent calculus or the tableau method are more suitable to search 
for derivations, than natural deduction. 

In the case of predicate logic there are certain improvements on the com- 
pleteness theorem. One can, for example, ask how complicated the model is 
that we constructed in the model existence lemma. The proper setting for 
those questions is found in recursion theory. We can, however, have a quick 
look at a simple case. 

Let r be a decidable theory with a countable language, i.e. we have an 
effective method to test membership (or, what comes to the same, we can test 
F \- p for a set of axioms of T). Consider the Henkin theory T introduced 
in 3.1.8.; O’ € if (7 S T„ for a certain n. This number n can be read off 
from a by inspection of the witnesses occurring in cr. From the witnesses we 
can also determine which axioms of the form 3xp(x) — > p(c) are involved. 
Let {ri, . . . ,Tn} be the set of axioms required for the derivation of a, then 
TU{ti, . . . ,T„} h (T. By the rules of logic this reduces to T h n A. . .Ar„ ^ cr. 
Since the constants Ci are new with respect to T, this is equivalent to T h 
Vzi, . . . , 2 fc(r)j ^ cr') for suitable variables zi, ... ,Zk, where r{, . . . , ct' are 
obtained by substitution. Thus we see that a \s decidable. The next step 
is the formation of a maximal extension Tm. 

Let P(^,pi,P 2 t . . . be an enumeration of all sentences of T^. We add sen- 
tences to in steps. 
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step 0 : To = 



step n + 1 : T„_|_i = 



T(^ U {(/?o} if T(^ U {f^o} is consistent, 

Tcj U else. 

T„ U {ipn+i} if T„ U {(fin+i} is consistent, 
T„ U {^ipn+i} else. 



T° = UT„ (T° is given by a suitable infinite path in the tree). It is easily seen 
that T° is maximally consistent. Moreover, T° is decidable. To test G T° 
we have to test if </?„ G T„ or T„_i U {v3„} b-L, which is decidable. So T° is 
decidable. 

The model 2t constructed in 3.1.11 is therefore also decidable in the fol- 
lowing sense: the operations and relations of 21 are decidable, which means 
that ([ti], . . . , [tp]) G P and /([ti], . ■ . , [tfc]) = [t] are decidable. 

Summing up we say that a decidable consistent theory has a decidable 
model (this can be made more precise by replacing ‘decidable’ by ‘recursive’). 



Exercises 



1. Consider the language of groups. T = {cr|2l \= a} , where 21 is a fixed 
non-trivial group. Show that T is not a Henkin theory. 

2. Let {Ti\i G /} be a set of theories, linearly ordered by inclusion. Show 
that T = U{Ti\i G /} is a theory which extends each T^. If each Ti is 
consistent, then T is consistent. 

3. Show that A„ h cr cr holds in all models with at least n elements. 

h cr cr holds in all models with at most n elements. A„ A h ct ct 
holds in all models with exactly n elements, {A„|nGN}l-(T<tA(T holds in 
all infinite models, (for a definition of A„,^„ cf. section 2.7). 

4. Show that T = {(t|A 2 b cr} U {ci C 2 } in a language with = and two 
constant symbols ci , C 2 , is a Henkin theory. 

5. Show TERM = \J{TERMr,\n G N}, EORM = \J{EORMn\n G N} (cf. 
1.1.5). 
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3.2 Compactness and Skolem-Lowenheim 

Unless specified otherwise, we consider sentences in this section. From the 
Model Existence Lemma we get the following: 



Theorem 3.2.1 (Compactness Theorem) F has a model each finite 
subset A of r has a model. 

An equivalent formulation is: 

r has no model some finite A C F has no model. 

Proof. We consider the second version. 

<^: Trivial. 

=^: Suppose F has no model, then by the Model Existence Lemma F is incon- 
sistent, i.e. F h_L. Therefore there are cti, . . . ,<Jn & F such that cti, . . . , CTji h_L. 
This shows that A = {cti, . . . , an} has no model. □ 

Let us introduce a bit of notation: Mod{F) = {2l|2l |= a for all a G F}. 
For convenience we will often write 21 \= F for 21 G Mod{F). We write 
Mod{ipi, . . . , 1 P 2 ) instead of Mod{{(pi, . . . , <.pn})- 

In general Mod{F) is not a set (in the technical sense of set theory: Mod{F) 
is most of the time a proper class). We will not worry about that since the 
notation is only used as a abbreviation. 

Conversely, let /C be a class of structures (we have fixed the similarity 
type), then Th{K.) = {cr|2t |= a for all 21 G K.}. We call Th{K.) the theory of 
1C. 

We adopt the convention (already used in section 2.7) not to include the 
identity axioms in a set F ; these will always be satisfied. 

Examples. 

1. Mod(\/xy{x < y/\ < y < X X = y),\/xyz{x <y/\y<z^x< z)) is 
the class of posets. 

2. Let Q be the class of all groups. Th{Q) is the theory of groups. 

We can consider the set of integers with the usual additive group struc- 
ture, but also with the ring structure, so there are two structures 2t and 18, 
of which the first one is in a sense a part of the second (category theory uses 
a forgetful functor to express this). We say that 21 is a reduct of 18, or 18 is 
an expansion of 21 . 

In general 



Definition 3.2.2 21 is a reduct of^ (18 an expansion of^) i/ |2l| = |18| and 
moreover all relations, functions and constants of 21 occur also as relations, 
functions and constants of^. 
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Notation. (21, Si, . . . , 5'n, 51, ■ ■ ■ , ffm, |j G J}) is the expansion of 21 with 
the indicated extras. 

In the early days of logic (before “model theory” was introduced) Skolem 
(1920) and Lowenheim (1915) studied the possible cardinalities of models of 
consistent theories. The following generalization follows immediately from the 
preceding results. 



Theorem 3.2.3 (Downward Skolem-Ldwenheim Theorem) Let F be a 

set of sentences in a language of cardinality k, and let k < X. If F has a model 
of cardinality X, then F has a model of cardinality k' , with k < k' < X. 

Proof. Add to the language L of F a set of fresh constants (not occurring 
in the alphabet of L) {ci\i G /} of cardinality k' , and consider F' = F U 
{ci ^ Cj\i,j G I, i ^ j}. Claim: Mod(F') ^ 0. 

Consider a model 21 of T of cardinality A. We expand 21 to 2t' by adding 
k! distinct constants (this is possible: |2l| contains a subset of cardinality 
At'). 2t' G Mod{F) (cf. Exercise 3) and 2t' |= Ci yf Cj{i yf j). Consequently 
Mod{F') y^ 0. The cardinality of the language of F' is k! . By the Model 
Existence Lemma F' has a model *8' of cardinality < k', but, by the axioms 
Ci y^ Cj, the cardinality is also > k! . Hence iB' has cardinality n' . Now take 
the reduct iB of iB' in the language of T, then *8 G Mod{F)) (Exercise 3). □ 
Examples. 

1. The theory of real numbers, Th{R), in the language of fields, has a count- 
able model. 

2. Consider Zermelo-Fraenkel’s set theory ZF. If Mod{ZF) 0, then ZF 
has a countable model. This fact was discovered by Skolem. Because of 
its baffling nature, it was called Skolem’ s paradox. One can prove in ZF 
the existence of uncountable sets (e.g. the continuum), how can ZF then 
have a countable model? The answer is simple: countability as seen from 
outside and from inside the model is not the same. To establish count- 
ability one needs a bijection to the natural numbers. Apparently a model 
can be so poor that it misses some bijections which do exist outside the 
model. 

Theorem 3.2.4 (Upward Skolem-Ldwenheim Theorem) Let F have a 
language L of cardinality k, and 21 G Mod{F) with cardinality X > k. For 
each p > X F has a model of cardinality p. 

Proof. Add p fresh constants Ci,i G I to L and consider F' = F U {ci ^ Cj\i ^ 
jji^j G I}. Claim: Mod{F') y^ 0. We apply the Compactness Theorem. 

Let A C F' he finite. Say A contains new axioms with constants 
Cio, ■ ■ • , Cij., then A C FU {ci^ yf Ci^\p,q < k} = Iq. Clearly each model 
of Fq is a model of A (Exercise l(i)). 



3.2 Compactness and Skolem-Lowenheim 113 



Now take 21 and expand it to 21' = (2t, ai, . . . , a^), where the Oi are distinct. 

Then obviously 2t' S Mod(Io), so 21' S Mod{A). By the Compactness 
Theorem there is a *8' € Mod\r'). The reduct iB of 2t' to the (type of the) 
language L is a model of F. From the extra axioms in F' it follows that *8', 
and hence *8, has cardinality > 

We now apply the downward Skolem-Lowenheim Theorem and obtain the 
existence of a model of F of cardinality /i. □ 

We now list a number of applications. 

Application I. Non-standard Models of PA. 

Corollary 3.2.5 Peano’s arithmetic has non-standard models. 

Let V be the class of all Peano structures. Put PA = Th{V). By the Com- 
pleteness Theorem PA = {a\S h cr} where S is the set of axioms listed 
in section 2.7, Example 6. PA has a model of cardinality Hq (the standard 
model fR), so by the upward Skolem-Lowenheim Theorem it has models of 
every A: > Hq. These models are clearly not isomorphic to 21. For more see 
page 121. 

Application II. Finite and Infinite Models. 

Lemma 3.2.6 If F has arbitrarily large finite models, then F has an infinite 
model. 

Proof. Put F' = FU{Xn\n > 1}, where A„ expresses the sentence “there are at 
least n distinct elements”, cf. section 2.7, Example 1. Apply the Compactness 
Theorem. Let zl C T' be finite, and let Am be the sentence A„ in A with 
the largest index n. Verify that Mod{A) A Mod{F U {Am})- Now F has 
arbitrarily large finite models, so F has a model 21 with at least m elements, 
i.e. 21 € Mod{F U {Am}). So Mod{A) ^ 0. 

By compactness Mod(F') ^ 0, but in virtue of the axioms Am, a model of 
F' is infinite. Hence F' , and therefore F , has an infinite model. □ 

We get the following simple 



Corollary 3.2.7 Consider a class JC of structures which has arbitrarily large 
finite models. Then, in the language of the class, there is no set S of sentences, 
such that 21 S Mod{S) 21 is finite and 21 S /C. 

Proof. Immediate. □ 

We can paraphrase the result as follows: the class of finite structures in 
such a class K is not axiomatizable in first-order logic. 

We all know that finiteness can be expressed in a language that contains 
variables for sets or functions (e.g. Dedekind’s definition), so the inability to 
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characterise the notion of finite is a specific defect of first-order logic. We say 
that finiteness is not a first-order property. 

The corollary applies to numerous classes, e.g. groups, rings, fields, posets, 
sets (identity structures). 

Application III. Axiomatizability and Finite Axiomatizability. 

Definition 3.2.8 A class K of structures is (finitely) axiomatizable if there 
is a (finite) set F such that K = Mod(F). We say that F axiomatizes K; the 
sentences of F are called it axioms (cf. S.Lf). 

Examples for the classes of posets, ordered sets, groups, rings, Peano-structures 
axiom sets F are listed in section 2.7. 

The following fact is very useful: 



Lemma 3.2.9 If K, = Mod{F) and JC is finitely axiomatizable, then K, is 
axiomatizable by a finite subset of F. 

Proof. Let 1C = Mod{A) for a finite A, then 1C = Mod{a), where cr is the 
conjunction of all sentences of A (Exercise 4). Then a \= tjj for all G F and 
T 1= cr, hence also F \- a. Thus there are finitely many ipi, . . . ,ipk G F such 
that '0ij ■ ■ ■ <J- Claim 1C = Mod{tpi , . . . , tpk)- 

(i) {ifi, . . .,tjjk} C r so Mod{F) C Modffi, . . .,tjjk)- 

(ii) From fji , ..., h cr it follows that Modffi, . . . ,fik) C Mod{a). 

Using (i) and (ii) we conclude Mod{i(i , . . . , ifk) = 1C. □ 

This lemma is instrumental in proving non-finite-axiomatizability results. 
We need one more fact. 



Lemma 3.2.10 1C is finitely axiomatizable K, and its complement KF are 
both axiomatizable. 

Proof. =>. Let 1C = Mod{ip \, . . . , ipn), then K. = Mod{(pi A ... A (pk). 21 S 
(complement of/C)<t4-2f^:piA...A(/5„<t4-2l|= A . . . ipn)- So 
IC^ = Mod{^{ipi A ... A (fn))- 

4=. Let 1C = Mod{F),lC‘^ = Mod{A). K (1 1C‘^ = Mod{F U A) = 0 (Exercise 
1). By compactness, there are tpi, . . . ,tpn C F and fji, . . . , G A such that 
Mod{(pi,. . ■ ■ • ,'0m) = or 

Mod{ifi, . . . ,ipn) nMod{’tpi,...,tprn) = 0, (1) 

1C = Mod{F) C Mod{pi , . . . , ^n) , (2) 

1C‘^ = Mod{A) C Modfipi, . . . , 1 pm), (3) 

(1), (2), (3) ^ A = Mod(v?i,...,v:>„). □ 

We now get a number of corollaries. 
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Corollary 3.2.11 The class of all infinite sets (identity structures) is axiom- 
atizable, hut not finitely axiomatizable. 

Proof. 21 is infinite 21 € Mod{{Xn\n G N}). So the axiom set is {A„|n G N}. 
On the other hand the class of finite sets is not axiomatizable, so, by Lemma 
3.2.10, the class of infinite sets is not finitely axiomatizable. □ 



Corollary 3.2.12 (i) The class of fields of characteristic p{> 0) is finitely 
axiomatizable. 

(a) The class of fields of characteristic 0 is axiomatizable hut not finitely 
axiomatizable. 

(Hi) The class of fields of positive characteristic is not axiomatizable. 

Proof, (i) The theory of fields has a finite set A of axioms. Z\ U {p = 0} 
axiomatizes the class iFp of fields of characteristic p (where p stands for 1 + 
1 + . . . + l,^px)).^ 

(ii) AU {2 ^ 0, 3 0, . . . ,p 7 ^ 0, . . .} axiomatizes the class JFq of fields of 

characteristic 0. Suppose Tq was finitely axiomatizable, then by Lemma 3.2.9 
iFo was axiomatizable by T = Z\ U {p^ yf 0, . . . yf 0}, where pi, . . . ,pk are 
primes (not necessarily the first k ones). Let g be a prime greater than all pi 
(Euclid). Then Z/iq) (the integers modulo q) is a model of P, but Z/(g) is 
not a field of characteristic 0. Contradiction. 

(iii) follows immediately from (ii) and Lemma 3.2.10. □ 

Corollary 3.2.13 The class Ac of all algebraically closed fields is axiomati- 
zable, but not finitely axiomatizable. 

Proof Let cr„ = Vyi . . . y„3a;(a;"' + + . . . + yn-ix + Vn = 0). Then 

r = AU {an\n > 1}{ A a,s in corollary 3.2.12) axiomatizes Ac. To show iron- 
finite axiomatizability, apply Lemma 3.2.9 to P and find a field in which a 
certain polynomial does not factorise. □ 



Corollary 3.2.14 The class of all torsion-free abelian groups is axiomatiz- 
able, but not finitely axiomatizable. 

Proof. Exercise 15. □ 

Remark: In Lemma 3.2.9 we used the Completeness Theorem and in Lemma 
3.2.10 the Compactness Theorem. The advantage of using only the Compact- 
ness Theorem is that one avoids the notion of provability altogether. The 
reader might object that this advantage is rather artificial since the Compact- 
ness Theorem is a corollary to the Completeness Theorem. This is true in our 
presentation; one can, however, derive the Compactness Theorem by purely 
model theoretic means (using ultraproducts, cf. Chang-Keisler) , so there are 
situations where one has to use the Compactness Theorem. For the moment 
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the choice between using the Completeness Theorem or the Compactness 
Theorem is largely a matter of taste or convenience. 

By way of illustration we will give an alternative proof of Lemma 3.2.9 
using the Compactness Theorem: 

Again we have Mod{r) = M od{a){*) . Consider F' = F Li {^cr}. 

21 € Mod{F') 21 € Mod{F) and 21 h -cr, 

21 € ModF and 21 ^ Mod{a). 

In view of (*) we have Mod{F') = 0. 

By the Compactness Theorem there is a finite subset A of F' with 
Mod{A) =0. It is no restriction to suppose that ^cr € A, hence 
Mod{tjji, . . . = 0. It now easily follows that Mod(V'i, . . . , V'fe) = 

Mod(a) = Mod(F). □ 



Application IV. Ordering Sets. 

One easily shows that each finite set can be ordered, for infinite sets this 
is harder. A simple trick is presented below. 



Theorem 3.2.15 Each infinite set can he ordered. 

Proof. Let |A| = k > Hq. Consider F, the set of axioms for linear order 
(2.7.3). F has a countable model, e.g. N. By the upward Skolem-Lowenheim 
Theorem F has a model 21 = {A, <) of cardinality k. Since X and A have the 
same cardinality there is a bijection f : X ^ A. Define x < x' \= f{x) < 
f{x'). Evidently, < is a linear order. □ 

In the same way one gets: Each infinite set can be densely ordered. The 
same trick works for axiomatizable classes in general. 

Exercises 

1. Show: (i) T C Z\ Mod{A) C Mod{F), 

(ii) /Cl C /C 2 ^ Th{K.2) C Th{JCi), 

(iii) Mod{F U Z\) = Mod{F) n Mod{A), 

(iv) Th{JCi u /C 2 ) = Th{JCi) n r/i(/C 2 ), 

(v) /C C Mod{F) ^FC Th{IC), 

(vi) Mod{F n A) A Mod{F) U Mod{A), 

(vii) Th{JCi n JC 2 ) A Th{JCi) U Th{JC 2 ). 

Show that in (vi) and (vii) A cannot be replaced by =. 

2. (i) F C Th{Mod{F)), 

(ii) K. C Mod{Th{IC)), 

(iii) Th{Mod{F)) is a theory with axiom set F. 

3. If 21 with language L is a reduct of *8, then 21 |= cr *8 ^ cr for <t S L. 
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4. Mod{(fi , . . . , (fn) = Mod{(fi A ... A ifn)- 

5. r\=(fi^A\=ip for a finite subset ACT. (Give one proof using 
completeness, another proof using compactness on F U 

6. Show that well-ordering is not a first-order notion. Suppose that F axiom- 
atizes the class of well-orderings. Add countably many constants Ci and 
show that F U {c^+i < Ci\i G Af} has a model. 

7. If F has only finite models, then there is an n such that each model has 
at most n elements. 

8. Let L have the binary predicate symbol P. a:=\!x^P(x, x)Fixyz{P{x, y)A 
P{y, z) P(x, z))AVxByP(x, y). Show that Mod{a) contains only infinite 
models. 

9. Show that cr V Wxy^x = y) has infinite models and a finite model, but no 
arbitrarily large finite models (<t as in 8). 

10. Let L have one unary function symbol. 

(i) Write down a sentence (p such that 21 |= is a surjection. 

(ii) Idem for an injection. 

(iii) Idem for a bijection (permutation). 

(iv) Use (ii) to formulate a sentence a such that (a) 21 |= cr ^ 2t is infinite, 
(b) each infinite set can be expanded to a model of a (Dedekind) . 

(v) Show that each infinite set carries a permutation without fixed points 
(cf. the proof of 3.2.15). 

11. Show: cr holds for fields of characteristic zero a holds for all fields of 
characteristic q > p for a certain p. 

12. Consider a sequence of theories Ti such that Ti yf and Ti C T^+i. 
Show that U{Ti\i G Af} is not finitely axiomatizable. 

13. If Ti and T 2 are theories such that Mod{Ti U T 2 ) = 0 , then there is a cr 
such that Ti \= cr and T 2 \= ^cr. 

14. (i) A group can be ordered each finitely generated subgroup can be 

ordered. 

(ii) An abelian group 21 can be ordered <tA 21 is torsion free. (Hint: look 
at all closed atoms of L(2l) true in 21.) 
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15. Prove Corollary 3.2.14. 

16. Show that each countable, ordered set can be embedded in the rationals. 

17. Show that the class of trees cannot be axiomatizaxiomatized. Here we 
define a tree as a structure (T, <,t), where < is a partial order, such that 
for each a the predecessors form a finite chain a = an < On-i < . . . < 
ai < qq = t. t is called the top. 

18. A graph (with symmetric and irrefiexive R) is called fc-colourable if we 
can paint the vertices with fc-different colours such that adjacent vertices 
have distinct colours. We formulate this by adding k unary predicates 
Cl, . . . , Cfc, plus the following axioms 

Va;^ -^{Ci{x) ACj{x)), 

i i^j 

/A \/xy{c^{x) ACi{y) ^ ^R{x,y)). 

i 

Show that a graph is fc-colourable if each finite subgraph is fc-colourable 
(De Bruijn-Erdos). 



3.3 Some Model Theory 

In model theory one investigates the various properties of models (structures), 
in particular in connection with the features of their language. One could say 
that algebra is a part of model theory, some parts of algebra indeed belong to 
model theory, other parts only in the sense of the limiting case in which the 
role of language is negligible. It is the interplay between language and models 
that makes model theory fascinating. Here we will only discuss the very be- 
ginnings of the topic. 

In algebra one does not distinguish structures which are isomorphic; the 
nature of the objects is purely accidental. In logic we have another criterion: 
we distinguish between two structures by exhibiting a sentence which holds 
in one but not in the other. So, if2l^<T<t4>*8|=tT for all cr, then we cannot 
(logically) distinguish 21 and iB. 



Definition 3.3.1 (i) / : |2l| — > |*8| is a homomorphism if for all Pi 
(ai, ...,ak) € ^ (/(ai), • ■ • , /(ofc)) G P^ , if for all Fj /(F®(ai, . . . , Op)) 

= . . . ,/(op)) and if for all a f{cf) = cf . 

(ii) f is an isomorphism if it is a homomorphism which is bijective and 
satisfies (ai, . . . , a„) G P® (/(oi), . . . , /(a„)) G P^ , for all P^. 
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We write /: 21 ^ iB if / is a homomorphism from 21 to *8. 2t = *8 stands 
for “21 is isomorphic to 18”, i.e. there is an isomorphism / : 21 18. 

Definition 3.3.2 21 and 18 are elementarily equivalent if for all sentences a 
o/ L, 21 ^ O’ 18 1= cr. 

Notation. 21 = 18. Note that 21 = 18 Th{Qf) = Th{fB). 



Lemma 3.3.3 21 = 18 ^ 21 = 18. 

Proof. Exercise 2. □ 

Definition 3.3.4 21 is a substructure (submodel) of ^ (of the same type) if 
|21| C |18|;P® n |21|” = t |21|" = and cf = c® (where n is the 

number of arguments). 

Notation. 21 C 18. Note that it is not sufficient for 21 to be contained in 18 “as 
a set”; the relations and functions of 18 have to be extensions of the corre- 
sponding ones on 21, in the specific way indicated above. 

Examples. The field of rationals is a substructure of the field of reals, but not 
of the ordered field of reals. Let 21 be the additive group of rationals, 18 the 
multiplicative group of non-zero rationals. Although |18| C |21|, 18 is not a 
substructure of 21. The well-known notions of subgroups, subrings, subspaces, 
all satisfy the above definition. 

The notion of elementary equivalence only requires that sentences (which 
do not refer to specific elements, except for constants) are simultaneously true 
in two structures. We can sharpen the notion, by considering 21 C 18 and by 
allowing reference to elements of |21|. 



Definition 3.3.5 21 is an elementary substructure of ^ (or ^ is an el- 
ementary extension o/ 21J i/ 21 C IB and for all <p(xi, . . . , Xn) in L and 

, . . . , an € 1^ ^(^Ij • • ■ 1 Oyn} 1^ 1^ ^(^1 j • • ■ 5 OLn} ■ 

Notation. 21 18. 

We say that 21 and 18 have the same true sentences with parameters in 21. 



Fact 3.3.6 21 *8 21 = <8. 

The converse does not hold (cf. Exercise 4). 

Since we will often join all elements of |21| to 21 as constants, it is convenient 
to have a special notation for the enriched structure: ill = (21, |21|). 

If one wants to describe a certain structure 21, one has to specify all the 
basic relationships and functional relations. This can be done in the language 
L(2l) belonging to 21 (which, incidentally, is the language of the type of 1^). 
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Definition 3.3.7 The diagram, Diagi^), is the set of closed atoms and nega- 
tions of closed atoms of L(2l), which are true in 21. The positive diagram, 
Diag~^(f^), is the set of closed atoms (p of L(f^) such that %\= Lp. 

Example. 

1. 21 = (N).Dzag(2l) = {n = n\n G N} U {n m\n ^ m',n,m G N}. 

2. 5B = ({1,2,3},<). (natural order). Diag^ = {1=1, 2 = 2, 3 = 3 = 
^T^2, _2t^3, 2V 3 ^ T, 3 t^_2, T<2, T < 3, 2 < 3, -2 < T, ^3 < 
2, ^3 <1, ^1 < 1, —^2 <2, ^3 < 3}. 

Diagrams are useful for lots of purposes. We demonstrate one here: We 
say that 21 is isomorphically embedded in 25 if there is an isomorphism / from 
21 into a substructure of 25. 



Lemma 3.3.8 21 is isomorphically embedded in ^ % is a model of 

Diag{%). 

Proof. =i>. Let / be an isomorphic embedding of 21 in 25, then 21 |= Pi(ai, . . . , 
^n) ^ -^1 (/(qi ); •■•; ) and 21 |= t{^a\, . . . ,ajf) — s(ui, . . . , 

25 1= t(/(ai), ■ . .) = s(/(ai), . . .) (cf. Exercise 2.). By interpreting a as /(a) 
in IB (i.e. a® = /(a)), we immediately see 18 |= DiagifK). 

<J=: Let IB )= Diag{%). Define a mapping / : |21| ^ |25| by /(a) = (a)®. Then, 
clearly, / satisfies the conditions of definition 3.3.1 on relations and functions 
(since they are given by atoms and negations of atoms). Moreover if a\ 02 
then 21 |= -Tii = 02 , so IB |= -xii = 02 • 

Hence a® ^ a®, and thus /(ai) ^ /(o 2 ). This shows that / is an isomor- 
phism. □ 

We will often identify 21 with its image under an isomorphic embedding 
into 25, so that we may consider 21 as a substructure of 25 

We have a similar criterion for elementary extension. We say that 21 is 
elementarily embeddable in 25 if 21 = 21' and 21' A 25 for some 21'. Again, we 
often simplify matters by just writing 21 A 25 when we mean “elementarily 
embeddable” . 

Lemma 3.3.9 21 A 25 IB )= Th{%). 

N.B. 21 A 25 holds “up to isomorphism” . IB is supposed to be of a similarity 
type which admits at least constants for all constant symbols of L(21). 

Proof. =>. Let (p(7T[, . . . ,71^) G ThfQV), then 21 |= (piaT, . . . ,71^), and hence 

*8 h ip{ai , . . . ,a„). So *B h Th{^). 

<^. By 3.3.8, 21 C IB (up to isomorphism). The reader can easily finish the 
proof now. □ 
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We now give some applications. 

Application I. Non-standard Models of Arithmetic. 

Recall that Tl = (N,+,-,s,0) is the standard model of arithmetic. We 
know that it satisfies Peano’s axioms (cf. example 6, section 2.7). We use the 
abbreviations introduced in section 2.7. 

Let us now construct a non-standard model. Consider T = Th{^). By 
the Skolem-Lowenheim Theorem T has an uncountable model fOl. Since fOl |= 
Th{^), we have, by 3.3.9, 01 Observe that 01 ^ 911 (why?). We will have 
a closer look at the way in which 01 is embedded in 911. 

We note that 01 \= \/xyz{x <yAy<z—^x<z) (1) 

01 ^ \/xyz{x <y\/x = y\/y<x) (2) 
m \= Va;(0 < x) (3) 

01 \= < a; A a; < n -I- 1) (4) 

Hence, 01 being an elementary substructure of 911, we have (1) and (2) for 
911, i.e. 911 is linearly ordered. From 01 ^ 911 and (3) we conclude that 0 is the 
first element of 911. Furthermore, (4) with 01 911 tells us that there are no 

elements of 911 between the “standard natural numbers” . 

As a result we see that 01 is an initial segment of 911: 

standardnumber s non— standardnumbers 



Remark: it is important to realize that (1) - (4) are not only true in the 
standard model, but even provable in PA. This implies that they hold not only 
in elementary extensions of 01, but in all Peano structures. The price one has 
to pay is the actual proving of (1) - (4) in PA, which is more cumbersome 
than the mere establishing their validity in 01. However, anyone who can give 
an informal proof of these simple properties will find out that it is just one 
more (tedious, but not difficult) step to formalize the proof in our natural 
deduction system. Step-by-step proofs are outlined in the Exercises 27, 28. 

So, all elements of |9H| — |01|, the non-standard numbers, come after the 
standard ones. Since 911 is uncountable, there is at least one non-standard 
number a. Note that n < a for all n, so 911 has a non-archimedean order 
(recall that n = 1 1 - 1 1 - ... I- l(nx)). 

We see that the successor S{n){= n-l- 1) of a standard number is standard. 
Furthermore 91 \= Va:(a; ^ 0 ^ ^uiu + 1 = a;)), so, since 91 ^ 911, also 
911 \= yx{x yf 0 — *■ 3y{y -I- 1 = a;)), i.e. in 911 each number, distinct from 
zero, has a (unique) predecessor. Since a is non-standard it is distinct from 
zero, hence it has a predecessor, say a\. Since successors of standard numbers 
are standard, a\ is non-standard. We can repeat this procedure indefinitely 
and obtain an infinite descending sequence a > ai > 02 > 03 > . . . of non- 
standard numbers. Conclusion: 911 is not well-ordered. 
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However, non-empty definable subsets of SH do possess a least element. 
For, such a set is of the form {6|9Jl |= <p(5)}, where (p G LfiJl), and we know 
in \= 3x(fi{x) — > 3x{(p{x) A \/y{ip{y) x < y)). This sentence also holds in 971 
and it tells us that {6|97l \= </?(^)} has a least element if it is not empty. 

The above construction not merely gave a non-standard Peano structure 
(cf. 3.2.5), but also a non-standard model of true arithmetic, i.e. it is a model 
of all sentences true in the standard model. Moreover, it is an elementary 
extension. 

The non-standard models of PA that are elementary extensions of 97 are 
the ones that can be handled most easily, since the facts from the standard 
model carry over. There are also quite a number of properties that have been 
established for non-standard models in general. We treat two of them here: 



Theorem 3.3.10 The set of standard numbers in a non-standard model is 
not definable. 

Proof. Suppose there is a p{x) in the language of PA, such that: 971 |= 
‘p{a) “a is a standard natural number” , then ~^p{x) defines the non- 
standard numbers. Since PA proves the least number principle, we have 
971 1= A Vy < x(p{y)), or there is a least non-standard number. 

However, as we have seen above, this is not the case. So there is no such def- 
inition. □ 

A simple consequence is the 

Lemma 3.3.11 (Overspill Lemma) If (p{n) holds in a non-standard model 
for infinitely many finite numbers n, then ip(a) holds for at least one infinite 
number a. 

Proof. Suppose that for no infinite a <p{a) holds , then 3y{x < y /\ p{y)) de- 
fines the set of standard natural numbers in the model. This contradicts the 
preceding result. □ 

Our technique of constructing models yields various non-standard models 
of Peano’s arithmetic. We have at this stage no means to decide if all models of 
PA are elementarily equivalent or not. The answer to this question is provided 
by Godel’s incompleteness theore, which states that there is a sentence 7 such 
that PA 1/ 7 and PA 1/ ^7. The incompleteness of PA has been re-established 
by quite different means by Paris-Kirby-Harrington, Kripke, and others. As 
a result we have now examples for 7, which belong to ‘normal mathematics’, 
whereas Godel’s 7, although purely arithmetical, can be considered as slightly 
artificial, cf. Barwise, Handbook of Mathematical Logic, D8. PA has a de- 
cidable (recursive) model, namely the standard model. That, however, is the 
only one. By the theorem of Tennenbaum all non-standard models of PA are 
undecidable (not recursive). 



3.3 Some Model Theory 123 



Application II. Non-standard Real Numbers. 

Similarly to the above application, we can introduce non-standard models 
for the real number system. We use the language of the ordered field R of real 
numbers, and for convenience we use the function symbol, | |, for the absolute 
value function. By the Skolem-Lowenheim Theorem there is a model *R of 
Th{R) such that *R has greater cardinality than R. Applying 3.3.9, we see 
that R -< *R, so *R is an ordered field, containing the standard real numbers. 
For cardinality reasons there is an element a G |*i?| — |i?|. For the element a 
there are two possibilities: 

(i) |a| > |r| for all r G |i?|, 

(ii) there is an r € |i?| such that |a| < r. 

In the second case {u G |i?| \ u < |a|}isa bounded, non-empty set, 
which therefore has a supremum s (in R). Since |a| is non-standard number, 
there is no standard number between s and |a|. By ordinary algebra, there 
is no standard number between 0 and | |a| — s |. Hence ||a| — s|“^ is larger 
than all standard numbers. So in case (ii) there is also a non-standard number 
greater than all standard numbers. Elements satisfying the condition (i) above, 
are called infinite and elements satisfying (ii) are called finite (note that the 
standard numbers are finite). 

We now list a number of facts, leaving the (fairly simple) proofs to the 
reader. 

1. *R has a non-archimedean order. 

2. There are numbers a such that for all positive standard r, 0 < |a| < r. We 
call such numbers, including 0, infinitesimals. 

3. a is infinitesimal a~^ is infinite, where a 0. 

4. For each non-standard finite number a there is a unique standard number 
st(a) such that a — st{a) is infinitesimal. 

Infinitesimals can be used for elementary calculus in the Leibnizian 
tradition. We will give a few examples. Consider an expansion R' of R 
with a predicate for N and a function v. Let *R' be the corresponding 
non-standard model such that R' *R' . We are actually considering two 

extensions at the same time. N is contained in i?', i.e. singled out by a 
special predicate N. Hence N is extended, along with i?' to *N. As is to be 
expected *N is an elementary extension of N (cf. Exercise 14). Therefore 
we may safely operate in the traditional manner with real numbers and 
natural numbers. In particular we have in *R' also infinite natural numbers 
available. We want t; to be a sequence, i.e. we are only interested in the 
values of v for natural number arguments. The concepts of convergence, 
limit, etc. can be taken from analysis. 

We will use the notation of the calculus. The reader may try to give the 
correct formulation. 

Here is one example: 3m\/n > m{\vn — Vm\ < e) stands for 3x{N{x) A 
\/y{N{y) A y > X —>■ \v{y) — v{x)\ < e). Properly speaking we should 
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relativise quantifiers over natural numbers (cf. 2.5.12), but it is more con- 
venient to use variables of several sorts. 

5. The sequence v (or (vn)) converges in R' iff for all infinite natural numbers 
n,m \vn — Vm\ is infinitesimal. 

Proof, (vn) converges in i?' if i?' ^ Ve > 03nVm > n{\vn — Vm\ < e)- 
Assume that (vn) converges. Choose for e > 0 an n(e) € |i?'| such that 
R' ^ Vto > n{\vn — Vm\ < e)- Then also *R' ^ Vm > n(|u„ — Vm\ < e)- 
In particular, if to, to' are infinite, then to, to' > n(e) for all e. Hence 
\vm ~ I < 2e for all e. This means that \vm — Vm\ is infinitesi- 
mal. Conversely, if \vn — t'ml is infinitesimal for all infinite n^m, then 
*R ^ Vto > n{\vn — v^l < e) where n is infinite and e standard, pos- 
itive. So *R' ^ 3uVto > n{\vn — Vm\ < e), for each standard e > 0. 
Now, since R' -< *R',R' |= 37iVto > n(|u„ — Vm\ < e) for e > 0, so 
i?' ^ Ve > 03nVTO > n(|t>„ — Vm\ < e)- Hence (u„) converges. □ 

6. lim Vn = a \a — Vn\ is infinitesimal for infinite n. 

n — >oo 

Proof. Similar to 5. 

We have only been able to touch the surface “non-standard analysis” 
an extensive treatment, see e.g. Robinson, Stroy an- Luxemburg. 

We can now strengthen the Skolem-Lowenheim Theorems. 

Theorem 3.3.12 (Downward Skolem-Lowenheim) Let the language L 
o/2l have cardinality k, and suppose 21 has cardinality X > k. Then there is a 
structure *8 of cardinality k such that iB A 21. 

Proof. See corollary 3.4.11. □ 

Theorem 3.3.13 (Upward Skolem-Lowenheim) Let the language L of^ 
have cardinality k and suppose 21 has cardinality X > k. Then for each fi > X 
there is a structure *8 of cardinality p, such that 21 A 58 . 

Proof. Apply the old upward Skolem-Lowenheim Theorem to ThifK). □ 

In the completeness proof we used maximally consistent theories. In model 
theory these are called complete theories. As a rule the notion is defined with 
respect to axiom sets. 

Definition 3.3.14 A theory with axioms P in the language L, is called com- 
plete if for each sentence a in L, either P \- a, or P \ <a. 

A complete theory leaves, so to speak, no questions open, but it does not 
prima facie restrict the class of models. In the old days mathematicians tried 
to find for such basic theories as arithmetic axioms that would determine up 
to isomorphism one model , i.e. to give a set P of axioms such that 
21, 58 G Mod{P) 521 = 58. The Skolem-Lowenheim Theorems have taught us 
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that this is (barring the finite case) unattainable. There is, however, a signif- 
icant notion: 



Definition 3.3.15 Let k be a eardinal. A theory is n-eategorieal if it has at 
least one model of eardinality k and if any two of its models of eardinality k 
are isomorphic. 

Categoricity in some cardinality is not as unusual as one might think. We 
list some examples. 

1. The theory of infinite sets (identity structures) is n-categorical for all 
infinite n. 

Proof. Immediate, as here “isomorphic” means “of the same cardinality” . □ 

2. The theory of densely ordered sets without end-points is Hq- categorical. 

Proof. See any textbook on set-theory. The theorem was proved by Cantor 
using the so-called back-and-forth method. □ 

3. The theory of divisible torsion-free abelian groups is k- categorical for 
K > Hq. 

Proof. Check that a divisible torsion-free abelian group is a vector space over 
the rationale. Use the fact that vector spaces of the same dimension (over the 
same field) are isomorphic. □ 



4. The theory of algebraically closed fields (of a fixed characteristic) is 
K- categorical for k > Hq. 

Proof. Use Steinitz’ Theorem: two algebraically closed fields of the same char- 
acteristic and of the same uncountable transcedence degree are isomorphic. 

□ 

The connection between categoricity and completeness, for countable lan- 
guages, is given by 



Theorem 3.3.16 (Vaught’s Theorem) IfT has no finite models and is k - 
categorical for some k not less than the cardinality of L, then T is complete. 

Proof. Suppose T is not complete. Then there is a tr such that T \/ a and 
T 1/ ^(T. By the Model Existence Lemma, there are 21 and iB in Mod{T) 
such that 21 1= (T and 25 |= ^cr. Since 21 and 25 are infinite we can apply the 
Skolem-Lowenheim Theorem (upwards or downwards), so as to obtain 21' and 
25', of cardinality k, such that 21 = 21', and iB = 25'. But then 21' = 25', and 
hence 21' = 25', so 21 = 25. 
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This contradicts 21 |= cr and *8 |= □ 

As a consequence we see that the following theories are complete: 

1. the theory of infinite sets; 

2. the theory of densely ordered sets without end-points; 

3. the theory of divisible torsion-free abelian groups; 

4. the theory of algebraically closed fields of fixed characteristic. 

A corollary of the last fact was known as Lefschetz’ principle: if a sentence 
a, in the first-order language of fields, holds for the complex numbers, it holds 
for all algebraically closed fields of characteristic zero. 

This means that an “algebraic ” theorem cr concerning algebraically closed 
fields of characteristic 0 can be obtained by devising a proof by whatso- 
ever means (analytical, topological, . . . ) for the special case of the complex 
numbers. 

Decidability. 

We have seen in chapter I that there is an effective method to test whether a 
proposition is provable - by means of the truth table technique, since “truth 
= provability” . 

It would be wonderful to have such a method for predicate logic. Church 
has shown, however, that there is no such method (if we identify “effective” 
with “recursive”) for general predicate logic. But there might be, and indeed 
there are, special theories which are decidable. A technical study of decidabil- 
ity belongs to recursion theory. Here we will present a few informal consider- 
ations. 

If T, with language L, has a decidable set of axioms F, then there is an 
effective method for enumerating all theorems of T . 

One can obtain such a enumeration as follows: 

(a) Make an effective list cti, (T 2 , era, . . . of all axioms of T (this is possible 

because F is decidable), and a list tpi,(f 2 T ■ ■ of all formulas of L. 

(b) ^ 

(1) write down all derivations of size 1, using using with at most 

cTi uncancelled, 

(2) write down all derivations of size 2, using CTi, (T 2 , with at most 

(Ti , ct 2 uncancelled, 

(n) write down all derivations of size n, using tri, . . . , cr„, (^, . . . , ipn, with 
at most (Ti, . . . , cr„ uncancelled. 



Each time we get only finitely many theorems and each theorem is eventually 
derived. The process is clearly effective (although not efficient). 

We now observe 
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Lemma 3.3.17 If F and F^ (complement of F) are effectively enumerable, 
then F is decidable. 

Proof. Generate the lists of F and F'^ simultaneously. In finitely many steps 
we will either fiird a iir the list for F or in the list for F'^. So for each a we 
can decide iir fiiritely marry steps whether a € F or not. □ 

As a corollary we get the 

Theorem 3.3.18 If T is effectively axiomatizable and complete, then T is 
decidable. 

Proof. Since T is complete, we have F \- a or F \- for each cr (where F 
axiomatizes T). So a£T'^<=>F[/a<^F\ ^a. 

From the above sketch it follows that T and are effectively enumerable. 
By the lemma T is decidable. □ 



Application. The following theories are decidable: 

1. the theory of infinite sets; 

2. the theory of densely ordered sets without end-points; 

3. the theory of divisible, torsion-free abelian groups; 

4. the theory of algebraically closed fields of fixed characteristic. 

Proof. See the consequences of Vaught’s Theorem (3.3.16). The effective enu- 
merating is left to the reader (the simplest case is, of course, that of a finitely 
axiomatizable theory, e.g. (1), (2). □ 

We will finally present oire more application of the non-standard approach, 
by giving a non-stairdard proof of 



Lemma 3.3.19 (Kdnig’s Lemma) An infinite, finitary tree has an infinite 
path. 

A finitary tree, or fan, has the property that each node has oirly finitely 
many immediate successors (’zero successors’ is included). By contraposition 
one obtains from Konig’s Lemma the so-called Fan Theorem (which was ac- 
tually discovered first): 



Theorem 3.3.20 If in a fan all paths are finite then the length of the paths 
is bounded. 

Note that if one considers the tree as a topological space, with its canoirical 
topology (basic open set “are” nodes), their Konig’s Lemma is the Bolzano- 
Weierstrasz Theorem and the Fan Theorem states the compactness. 

We will now provide a non-standard proof of Konig’s Lemma. 
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Let r be a fan, and let T* be a proper elementary extension (use 3.3.13). 



(1) the relation “.... is an immediate successor of ....” can be expressed in 
the language of partial order: 

X <i y := X < y A \/z{x <z<y^x = z\/y = z) where, as usual, 

X < y stands for x < y A x ^ y. 

(2) If a is standard, then its immediate successors in T* are also standard. 
Since T is finitary, we can indicate ai , . . . , a„ such that 

T \= yx{x <i a ^ w Ofe = a:). By T ^ T*, we also have 

l<fc<n 

T* 1= 'ix{x <iU^ w flfc = x), so if b is an immediate successor of a 

l<k<n 

in T*, then b = ak for some k < n, i.e. b is standard. 

Note that a node without successors in T has no successors in T* either, 
for T \= Vx(x < a ^ X = a) ^ T* |= Vx(x < a <-> x = a). 

(3) In T we have that a successor of a node is an immediate successor of that 
node or a successor of an immediate successor, i.e. 

T \= \/xy{x < y ^ 3z{x < z <i y)). (*) 

This is the case since for nodes a and b with a < b,b must occur in the 
finite chain of all predecessors of a. So let a = a„ < a„_i < . . . < = 

b < Qi-i < . . ., then a < a^+i <i b. 

Since the desired property is expressed by a first-order sentence (*), (3) 
also holds for T*. 

( 4 ) 




Let a* be a non-standard element of T*. We claim that 
P = {a G |T||a* < a} is an infinite path (i.e. a chain). 
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(i) P is linearly ordered since T ^ \/xyz{x <y/\x<z^y<z\/z<y) 
and hence for any p, 9 € P C |T* | we have p < q or q < p. 

(ii) Suppose P is finite with last element b, then b has a successor and 
hence an immediate successor in T*, which is a predecessor of a*. 

By (2) this immediate successor belongs to P. Contradiction. Hence P is 
infinite. 

This establishes that T has an infinite path. □ 

Quantifier Elimination . 

Some theories have the pleasant property that they allow the reduction of for- 
mulas to a particularly simple form: one in which no quantifiers occur. Without 
going into a general theory of quantifier elimination, we will demonstrate the 
procedure in a simple case: the theory T>0 of dense order without end points, 
cf. 2.7.3(ii); ‘without end points’ is formulated as ^Vx3yz{y < x Ax < z)” . 

Let FV{(fi) = {yi, . . . ,pn}, where all variables actually occur in (p. By 
standard methods we obtain a prenex normal form ip' of p, such that 
p' := Q 1 X 1 Q 2 X 2 ■ ■ ■ QmXmi>{xi, . ■ .,Xm,yi, ■ ■ - ,yn), where each Qi is one of 
the quantifiers V, 3. We will eliminate the quantifiers starting with the inner- 
most one. 

Consider the case Qm = 3. We bring f) into disjunctive normal form 
ipj, where each is a conjunction of atoms and negations of atoms. First 
we observe that the negations of atoms can be eliminated in favor of atoms, 
since VO I — >z = z' {z < z' \/ z' < z) and VO I — >z < z' ^ 

[z = z' \! z' < z'). So we may assume that the 'i/'^’s contain only atoms. 

By plain predicate logic we can replace 3xm V t)y the equivalent for- 
mula 'y/ 3Xm'4>j- 

Notation: for the rest of this example we will use ip t as an abbreviation 
for VO h (T <-> T. 

We have just seen that it suffices to consider only formulas of the form 
3xm A 'Xp, where each ap is atomic. A systematic look at the conjuncts will 
show us what to do. 

(1) If Xm does not occur in A <Xp, we can delete the quantifier (cf. 2.5.2). 

(2) Otherwise, collect all atoms containing x^ and regroup the atoms, such 
that we get A <Xp h iXm < Ui^lk j O < XmA^ fe = XmAx, where 
X does not contain Xm- Abbreviate this formula as tAx- By predicate logic 
we have 3xm{x A %) <-> 3xmT A x (cf- 2.5.3). Since we want to eliminate 
3xm, it suffices to consider 3xmX only. 

Now the matter has been reduced to bookkeeping. Bearing in mind that 
we are dealing with a linear order, we will exploit the information given 
by T concerning the relative position of the Ui, Vj,Wk’s with respect to Xm- 
(2a) r := A A jl\ vj < Xm A jl\ Wk = Xm- 

Then 3xmT ^ t' , with P := j\ wq < Ui A A Xj < wq A H wq = Wk 
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(where wq is the first variable among the Wk’s). The equivalence follows 
immediately by a model theoretic argument (i.e. T>0 ^ 3xmT ^ x'). 

(2b) T := ^ Xm < A ^ Vj < Xm- 

Now the properties of VO are essential. Observe that dim (A im < a* A 
A bj < Xm) holds in a densely ordered set if and only if all the a^’s lie to 
the right of the bj’s. So we get (by completeness) dim^ ^ Vj < Ui- 

(2c) T ^ Xm < Ui A ^ Wk = Xm- 

Then 3xmT ^ A A A Wk = wq. 

(2d) T ■= A Uj < Xm A A Wk = Xm- 
Cf. (2c). 

(2e) T := A Xm < Ui. 

Observe that 3xmT holds in all ordered sets without a left endpoint. So 
we have 3xmX T, since we work in VO. 

(2f) r := A O < Xm- 
Cf. (2e). 

(2g) x:= A uJk= Xm- 

Then 3cmT ^ A wq = Wk. 

Remarks. 

(i) The cases (2b), (2e) and (2f) make essential use of VO. 

(ii) It is often possible to introduce shortcuts, e.g. when a variable (other 
than Xm) occurs in two of the big conjuncts we have 3xmX 

If the innermost quantifier is universal, we reduce it to an existential one 
by yxm<f ^ ^3xmmip. 

Now it is clear how to eliminate the quantifiers one by one . 

Example. 

3xy{x < y A 3z{x < z A z < y A Vu(u ^ z ^ u < y\/ u = i))) 

^ 3xyz'iu[x < y A X < z A z < y A {u = z\/ u < yy u = x)] 

A 3xyz^3u[mx < y V < z\/ mz < y y {^u = z A mu < y A mu = i)] 

A 3xyzm3u[x = yy y < xy x = zy z < xy z = yy y < zy 
{{u <zy z<u) A (u = yyy<u) A {u<xyx< m))] 

3xyzm3u[x = yy y < xy X = zy z < xy z = yy y < zy 
{u<zAu = yAu<x)y{u<zAu = yAx< u)V 
{u<zAy<uAu<x)y{u<zAy<uAx< u)y 
{z<uAu = yAu<x)y{z<uAu = yAx< u)V 
{z < u A y < u A u < x) y {z < u A y < u A X < u)]. 

3xyzm[x = yyy<xyx = zyz<xyz = yyy<zy 
3u{u <zAu = yAu<x)y 3u{u <zAu = yAx<u)y...y 
3u{z < u A y < u A X < u)]. 
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3xyz^[x = y\/...\/y<z\/{y<zAy<x)\/{y<zAx<y) 
W{y<zAy<x)\/{y<zAx<z)W{z<yAy<x) 

\/{z < y A X < y) V {z < X A y < x) \/ T], 

A 3xyz{-^T). 

* I 

<-> _L . 

Evidently the above quantifier elimination for the theory of dense order 
without endpoints provides an alternative proof of its decidability. For, if tp is 
a sentence, then ip is equivalent to an open sentence </?'. Given the language 
of VO it is obvious that ip' is equivalent to either T or _L. Hence, we have 
an algorithm for deciding VO h p. Note that we have obtained more: VO is 
complete, since VO h p <->_L or VO h T, so VO I — >p or VO h p. 

In general we cannot expect that much from quantifier elimination: e.g. 
the theory of algebraically closed fields admits quantifier elimination, but it 
is not complete (because the characteristic has not been fixed in advance); 
the open sentences may contain improvable and unrefutable atoms such as 
7= 12, 23 = 0. 

We may conclude from the existence of a quantifier elimination a certain 
model theoretic property, introduced by Abraham Robinson, which has turned 
out to be important for applications in algebra (cf. the Handbook of Mathe- 
matical Logic, A 4 ). 



Definition 3.3.21 A theory T is model complete «//or 21, *8 G Mod(T) 
21 c <8 21 25. 

We can now immediately obtain the following: 



Theorem 3.3.22 If T admits quantifier elimination, then T is model com- 
plete. 

Proof. Let 21 and 58 be models of T, such that 21 C 58. We must show 
that 2t 1= p{ai, . . . ,a„) 58 |= p{ai, . . . ,a„) for all oi, . . . ,a„ G |52l|, where 

FV{p) = {a;i, . . .,Xn}. 

Since T admits quantifier elimination, there is a quantifier free 
'ipixi, . . . , Xn) such that P \- p tp. 

Hence it suffices to show 21 h . . . ,an) 58 h tp{ai, . . . ,an) for a 
quantifier free tp. A simple induction establishes this equivalence. □ 

Some theories T have a particular model that is, up to isomorphism, con- 
tained in every model of T. We call such a model a prime model of T. 

Examples. 

(i) The rationale form a prime model for the theory of dense ordering without 
endpoints; 



132 3 Completeness and Applications 



(ii) The field of the rationals is the prime model of the theory of fields of 
characteristic zero; 

(iii) The standard model of arithmetic is the prime model of Peano’s arith- 
metic. 

Theorem 3.3.23 A model complete theory with a prime model is complete. 
Proof. Left to the reader. □ 



Exercises 

1. Let 21 = {A, <) be a poset. Show that Diag'^{^) U {a \ a ^ b,a,b G 
|a|} U {yxy{x < yV y < a;)} has a model. (Hint: use compactness). 
Conclude that every poset can be linearly ordered by an extension of its 
ordering. 



2. If / : 21 = IB and FV {(p) = {x \ , . . . , sho w 

21 h . . ..cinlxi, . . . , a;„] h (p[f (ai), . . . ,/(a„)/a;i, . . . ,a:„]. 
In particular, 21 = 25. 



3. Let 21 C IB. is called universal {existential) if (p is prenex with only 
universal (existential) quantifiers. 

(i) Show that for universal sentences p ^ \= p ^ p. 

(ii) Show that for existential sentences p p ^ ^ \= p. 

(Application: a substructure of a group is a group. This is one reason 
to use the similarity type (— ;2, 1;1) for groups, instead of (— ;2;0), or 
(— ; 2; 1), as some authors do). 

4. Let 21= (iV,<),«B = (A^-{0},<). 

Show: (i) 21 = 25; {ii) 21 = 25; 

{Hi) 25 C 21; \iv) not IB A 21. 

5. (Tarski). Let 21 C IB. Show 21 A 25 for all S L and oi, . . . ,a„ G 
|21|,1B h 3yp{y,di, . . . ,an) ^ there is an element a € |2l| such that 
25 h pfd,di, . . . ,an), where FV{p{y, ai, . . . ,an) = {y}. Hint: for show 

(i) t^{di, ...,dn)= t®(ai, . . . ,a„) for f € L, 

(ii) 21 h p{ai, . . . ,an) 25 h p{ai, . . . ,dn) for p G L by induction on p 
(use only V, =, 3). 

6. Another construction of a non-standard model of arithmetic: Add to the 
language L of arithmetic a new constant c. Show F = Th{^ U {c > 
n\n G |TI|} has a model 9B. Show that ^ 24. Can 2B be countable? 
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7. Consider the ring Z of integers. Show that there is an 21 such that Z ^ 21 
and Z ^ 21 (a non-standard model of the integers). Show that 21 has an 
“infinite prime number” , poo . 

Let (poo) be the principal ideal in 21 generated by poo . Show that 2t/(poo) 
is a field F. (Hint: look at Va:(“a; not in (poo)” — > 3yz{xy =1-1- zpoo)), 
give a proper formulation and use elementary equivalence). What is the 
characteristic of F? (This yields a non-standard construction of the ra- 
tionale from the integers: consider the prime field). 

8. Use the non-standard model of arithmetic to show that “well-ordering” 
is not a first-order concept. 

9. Use from the non-standard model of the reals to show that “archimedean 
ordered field” is not a first-order concept. 

10. Consider the language of identity with constants Ci{i G N) 

F = {/i,/ 2 ,/ 3 } U {ci yf Cj\i,j G N,i j}. Show that the theory of F is 
fc-categorical for fc > Hq, but not Ho-categorical. 

11. Show that the condition “no finite models” in Vaughts’s Theorem is 
necessary (look at the theory of identity). 

12. Let X C |2t|. Define Xq = X U C where C is the set of constants 
of 2t, Xji^i — Xji U {_/*(ni , . . . , CLjn) I f in 21, ui , . . . , CLjn G Xji^ , X^ — 
U{^n|n € N}. 

Show: ® = (X^ , nx-j , . . . , i? 2 nx:c A |X“L . . . , , {ci € /}) 

is a substructure of 21. We say that IB is the substructure generated by X. 
Show that *8 is the smallest substructure of 21 containing X ; fB can also 
be characterized as the intersection of all substructures containing X. 

13. Let *R be a non-standard model of Th{R). Show that st (cf. page 123) 
is a homomorphism from the ring of finite numbers onto R. What is the 
kernel? 

14. Consider 91' = {R, N, ,0 A) ^ where N is the set of natural 

numbers. L(Dl') has a predicate symbol N and, we can, restricting our- 
selves to -|- and •, recover arithmetic by relativizing our formulas to N 
(cf. 2.5.9). 

Let m' m' = {*R* X, . . .). Show that 91 = (TV, <, -h, ., 0, 1) ^ 

(*TV, <, -I-, ., 0, 1) =* 91 (Hint: consider for each p G L(91) the relativized 
G L{m')). 
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15. Show that any Peano-structure contains ill as a substructure. 

16. Let L be a language without identity and with at least one constant. 

Let a = 3xi . . . Xn^fiixi , . . . , Xn) and Ua- = , tn)\ti closed in L}, 

where ip is quantifier free. 

(i) 1= fj each 21 is a model of at least one sentence in (hint: for 
each 21, look at the substructure generated by 0). 

(ii) Consider as a set of propositions. Show that for each valuation 

V (in the sense of propositional logic) there is a model 21 such that 
[ip{ti, . . .,tn)\v = ■ • ,in)]a, for all ip{ti ,. . .t„) G E„. 

(iii) Show that h a V j for a certain m (hint: use 
Exercise 9, section 1.5). 

17. Let 21, IB € Mod{T) and 21 = *8. Show that Diag{^) U Diag{^) U T 
is consistent (use the Compactness Theorem). Conclude that there is a 
model of T in which both 21 and IB can be isomorphically embedded. 

18. Consider the class 1C of all structures of type (1; — ; 0) with a denumerable 
unary relation. Show that any 21 and IB in /C of the same cardinality 
K > Hq are isomorphic. Show that T = Th(IC) is not k— categorical for 
any «: > Hq. 

19. Consider a theory T of identity with axioms A„ for all n G N. In which 
cardinalities is T categorical? Show that T is complete and decidable. 
Compare the result with Exercise 10. 

20. Show that the theory of dense order without end-points is not categorical 
in the cardinality of the continuum. 

21. Consider the structure 21 = (K, <, /), where < is the natural order, and 
where / is a unary function. Let L be the corresponding language. Show 
that there is no sentence cr in L such that 21 ^ cr /(r) > 0 for all 
r G i?. (hint: consider isomorphisms x x + k). 

22. Let 21 = (A, ~), where ~ is an equivalence relation with denumerably 
many equivalence classes, all of which are infinite. Show that T/i(2t) is 
Ho-categorical. Axiomatize T/i(2t). Is there a finite axiomatization? Is 
T/i(2t) K-categorical for k > Hq? 

23. Let L be a language with one unary function symbol /. Find a sentence 

Tji, which says that “/ has a loop of length n”, i.e. 21 |= there 

are Oi, . . . , a„ G |21| such that /^(a^) = ai+i{i < n) and /®(a„) = oi. 
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Consider a theory T with axiom set {/3, ^T 2 , , 

->T„, . . .}(n S w), where (3 expresses “/ is bijective”. 

Show that T is K-categorical for k > Hq. (hint: consider the partition 
{(/®)*(a)|i € w} in a model 21). Is T Hg-categorical? 

Show that T is complete and decidable. Is T finitely axiomatizable? 

24. Put Tv = {ct|T h a and a is universal}. Show that Ty axiomatizes the 
theory of all substructures of models of T. Note that one part follows 
from Exercise 3. For the converse: let 21 be a model of Ty and consider 
Diag{%) U T. Use compactness. 

25. We say that a theory is preserved under substructures if 21 C *8 and 
*8 G Mod{T) implies 21 G Mod{T). 

( Los-Tarski). Show that T is preserved under substructures iff T can be 
axiomatized by universal sentences (use Exercise 24). 

26. Let 21 = *8, show that there exists a € such that 21 ^ *8 -< £ (up 

to isomorphism). Hint: assume that the set of new constants of i8 is 
disjoint with the set of new constants of Show that Th{%) U Th{^) 
has a model. 

27. Show that the ordening <, defined hy x < y := 3u{y = x+Su) is provably 
transitive in Peano’s Arithmetic, i.e. PA h \/xyz{x < yAy < z ^ x < z). 

28. Show: (i) PA h Va;(0 < x) (use induction on x), 

(ii) PA h yx{x = 0 V 3y{x = Sy)) (use induction on x), 

(in) PA h \/xy{x + y = y + x), 

(iv) PA h yy{x < y ^ Sx < y), (use induction on y), 

(v) PA h \/xy{x <y\/x = y\/y<x) (use induction on x, 
the case of a; = 0 is simple, for the step from x to Sx 
use (iv)), 

(iv) PA h yy—~3x{y < x A x < Sy) (compare with (iv)). 

29. (i) Show that the theory Loo of identity with “infinite universe” (cf. 

section 3.1, Exercise 3 or Exercise 19 above) admits quantifier elim- 
ination. 

(ii) Show that Loo has a prime model. 

3.4 Skolem Functions or How to Enrich Yonr Language 

In mathematical arguments one often finds passages such as “ there is an x 

such that ip{x) holds. Let a be such an element, then we see that ...”. In terms 

of our logic, this amounts to the introduction of a constant whenever the ex- 
istence of some element satisfying a certain condition has been established. 
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The problem is: does one thus strengthen the theory in an essential way? In 
a precise formulation: suppose T h 3xip{x). Introduce a (new) constant a and 
replace T by T' = T U {:/3(a)}. Question: is T' conservative over T, i.e. does 
T' \- tjj ^ T \- tj} hold, for ip not containing a? We have dealt with a similar 
problem in the context of Henkin theories, (section 3.1), so we can use the 
experience obtained there. 

Theorem 3.4.1 Let T he a theory with language L, sueh that T h 3xip{x), 
where {FV{(p) = {x}, and let c he a eonstant not occurring in L. Then 
TU {:/5(c)} is conservative over T. 

Proof. By Lemma 3.1.7, T' = T U {3xip{x) </^(c)} is conservative over T . If 
Ip £ L and T' U {v^(c)} h ip, then T' U {3x(p{x)} h ip, or T' h 3x(p{x) — > ip. 
Since T' is conservative over T we have T h 3xg}{x) ip Using T h 3xip{x), 
we get T \- Ip. (For an alternative proof see Exercise 6). □ 

The above is but a special case of a very common piece of practice; if one, 
in the process of proving a theorem, establishes that “for each x there is a y 
such that ip{x,y)'" , then it is convenient to introduce an auxilliary function 
/ that picks a y for each x, such that ip[x, f{x)) holds for each x. This tech- 
nique usually invokes the axiom of choice. We can put the same question in 
this case: if T h \/x3yip{x,y), introduce a function symbol / and replace T 
by r' = T U yxif{x, f{x)). Question: is T' conservative over T? The idea of 
enriching the language by the introduction of extra function symbols, which 
take the role of choice functions, goes back to Skolem. 



Definition 3.4.2 Let ip he a formula of the language L with FV (tp) = 
{x\, . . . ,Xn,y} ■ Associate with p an n-ary function symbol f^p, called the 
Skolem function (symbol) of p. The sentence 

yxi . . .Xn{3yp{xi,. ..,Xn,y)^ T(xi,. . .,Xn,U(xi, . . .,Xn))) 

is called the Skolem axiom for p. 

Note that the witness of section 3.1 is a special case of a Skolem function 
(take n = 0) : f^ is a constant. 



Definition 3.4.3 Lf T is a theory with language L, then = T U {cr\a is 
a Skolem axiom for some formula of L} is the Skolem extension of T and its 
language extends L by including all Skolem functions for L. Lf ill is of the 
type of L and 21®^ an expansion o/2t of the type of L^'^ , such that 21®^ |= a 
for all Skolem axioms a of L and |2l| = |2t®^|, then 21®^ is called a Skolem 
expansion ofiA. 

The interpretation in 21®^ of a Skolem function symbol is called a Skolem 
function. 
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Note that a Skolem expansion contains infinitely many functions, so it is 
a mild extension of our notion of structure. The analogue of 3.1.7 is 



Theorem 3.4.4 (i) is conservative over T. 

(ii) each 2t G Mod{T) has a Skolem expansion 2t®^ G Mod{T“^) . 



Proof. We first show (ii) . We only consider the case of formulas with FV {(p) = 
{xi, . . . ,Xn,y} for n > 1. The case n = 0 is similar, but simpler. It requires 
the introduction of new constants in 21 (cf. Exercise 6). Let 21 G Mod{T) and 
(fi G L with FV {(fi) = {xi, . . . , x„, ?/}. We want to find a Skolem function for 
(fi in 2t. 

Define Ki,...a„ = {& G |2l| | 21 [= ip(ai ,. . . ,a„,6)}. 

Apply AC to the set |14i,...a„ 0}: there is a choice function F 

such that F{Vaj^^...a„) G Va^^...a„ Define a Skolem function by 



F ^ (ui , . . ■ , aji ) 



F{Va„...aJ ifKi....a„ 

e else, where e G |2t|. 



Now it is a routine matter to check that indeed 



21®'= ^ Vxi . . . Xn{3y(p{xi, ...,Xn,y) . . . , x„, f^(xi, . . . , x„))), where 

F(fi = , and where 21®'= is the expansion of 21 with all Skolem functions 

Fip (including the “Skolem constants”, i.e. witnesses), (i) follows immediately 
from (ii): Let T \/ il> (with tjj G L), then there is an 21 such that 21 1/ '0- Since 
0 G L, we also have 21®'= 1/ 0 (cf. section 3.2, Exercise 3), hence T®'= 1/ 0. □ 
Remark. It is not necessary (for 3.4.4) to extend L with all Skolem function 
symbols. We may just add Skolem function symbols for some given set S of 
formulas of L. We then speak of the Skolem extension of T with respect to S 
(or with respect to if S' = {<^}). 

The following corollary confirms that we can introduce Skolem functions 
in the course of a mathematical argument, without essentially strengthening 
the theory. 



Corollary 3.4.5 //T h Vxi, . . . x„3j/(^(xi, . . . , x^, y), where FV{p) = 

{xi, . . . ,Xn,y}, then T' = ru{Vxi . . . x„(/j(xi, . . . ,x„, /^(xi, . . . ,x„))} is con- 
servative over T . 

Proof. Observe that T" = T U {Vxi . . . x„(3yy?(xi, . . . , x„, y) ^ 

y?(xi, . . . ,x„),/(<^(xi, . . . ,X„))} h Vxi . ..XnPiXi, . . .,Xn,U(xi, . . . ,X„)). 

So T' h 0 ^ T" h 0. Now apply 3.4.4. □ 

The introduction of a Skolem extension of a theory T results in the “elim- 
ination” of the existential quantifier in prefixes of the form Vx, . . . , x„3y. The 
iteration of this process on prenex normal forms eventually results in the elim- 
ination of all existential quantifiers. 

The Skolem functions in an expanded model are by no means unique. If, 
however, 21 |= Vxi . . . x„3!yy?(xi, . . . , x„, y), then the Skolem function for ip is 
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uniquely determined; we even have 21®^ ^ Vxi . . . Xny{f{xi , . . . , y) ^ y = 
f(p{xi , . . . , Xn))- We say that (p defines the function in 21®^, and 
Vxi . . . Xnyip{xi , . . . , Xn, y) ^ y = f(p{xi , . . . , Xn)) is called the definition of 
in 21®'=. 

We may reasonably expect that with respect to Skolem functions the V3!- 
combination yields better results than the V3-combination. The following the- 
orem tells us that we get substantially more than just a conservative extension 
result. 

Theorem 3.4.6 Let T h Vxi . . . Xn^^-yp{x \, . . . , Xn, y), where FV{lp) = 

{xi, . . . ,Xn,y} and let f be an n-ary symbol not oecurring in T or p. Then 
T+ = TU {Vii . . . Xny{p{xi, . . . ,Xn,y) ^ y = f{xi,. . .,Xn))} is conservative 
over T . 

Moreover, there is a translation t ^ from L+ = L U {/} to L, such that 

(1) T'*' h r ^ r'’, 

(2) r+ h r T h T°, 

(3) r = for T € L. 

Proof, (i) We will show that / acts just like a Skolem function; in fact T+ is 
equivalent to the theory T' of Corollary 3.4.5 (taking / for /^). 

(a) T+ h Vxi . . . Xnp{xi, ...,Xn, f{xi, Xn))- 
For, r+ h Va;i . . . Xn^yp{xi, ...,Xn,y) and 

r+ h Va;i . . . Xny{p{xi, . . . ,Xn,y) ^ y = f(xi, Xn))- 

Now a simple exercise in natural deduction, involving RI 4 , yields (a). 

Therefore T' C T+ (in the notation of 3.4.5). 

(b) y = f(xi, . - -,Xn),yXi - . - Xnp{xi - . - Xn,f{xi,- . -,Xn)) b 
p{xi, ...,Xn,y),S 0 T''ry = f{xi, ...,Xn)^ p{xi, --.,Xn,y) 
and p{xi ,--.,Xn, y), Va;i . . . Xnp{xi, -.-,Xn, f{xi, . . . , Xn), 

Vii . . .a;„3 \yp{xi , . . . , a;„, y) h y = f{xi , . . -,Xn), 

so T' h p{xi,. - . ,Xn,y) ^ y = f{xi,- . -,Xn)- 

Hence T' h Vxi . ..Xny{p{xi,- . . ,Xn,y) ^ y = f(xi , . . -,Xn))- 

So T+ C T', and hence T' = T+. 

Now, by 3.4.5, T+ is conservative over T. 

(ii) The idea, underlying the translation, is to replace occurrences of /(— ) by 
a new variable and to eliminate /. Let t € L* and let /(— ) be a term in L* 
not containing / in any of its subterms. Then h r(. . . , /(— ), ...)<-*■ 3y(y = 
/(— )At(. - - ,y, - - .)), where y does not occur in r, and T+ h r(. . . , /(— 

3y{p{—, y) A t(. . . , y, . . .)). The right-hand side contains one occurrence of / 
less than r. Iteration of the procedure leads to the required /-free formula r°. 
The reader can provide the details of a precise inductive definition of r*^; note 
that one need only consider atomic r (the translation extends trivially to all 
formulas). Hint: define something like “/-depth” of terms and atoms. From 
the above description of it immediately follows that T+ \- t ^ - Now 

(2) follows from (i) and (1). Finally (3) is evident. □ 
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As a special case we get the explicit definition of a function. 

Corollary 3.4.7 Let FV{t) = {x\, . . . ,Xn} and f ^ L. Then T+ = TU 
{Vxi . . . Xn{t = /(xi, . . . , Xn)} is Conservative over T. 

Proof. We have Vxi . . . x„3!y(y = t), so the definition of /, as in 3.4.6, becomes 
Vxi . . . XuViy = t ^ y = f{xi , . . . , Xn)), which, by the predicate and identity 
rules, is equivalent to Vxi . . . = /(xi, . . . , x„)). □ 

We call /(xi, . . . Xn) = t the explicit definition of /. One can also add new 
predicate symbols to a language in order to replace formulas by atoms. 

Theorem 3.4.8 Let FV(ip) = {xi, . . . ,x„} and let Q be a predicate symbol 
not in L. Then 

(i) T+ = T U {Vxi . . . Xnip Q(xi, . . . , Xn))} is conservative over T. 

(ii) there is a translation t —>■ into L such that 

(1) T~^ h r <-> r^, 

(2) T+^t^T^ t°, 

(3) T = T° for T G L. 

Proof. Similar to, but simpler than, the above. We indicate the steps; the 
details are left to the reader. 

(a) Let 21 be of the type of L. Expand 21 to 21+ by adding a relation Q+ = 

} (ui , . . . , Qn) 1^1^ ^(ai,..., an ) } . 

(b) Show 21 }= T 21+ )= T+ and conclude (i) . 

(c) Imitate the translation of 3.4.6. □ 

We call the extensions shown in 3.4.6, 3.4.7 and 3.4.8, extensions by defi- 
nition. The sentences 

Vxi . ..XnVip ^y = f{xi, ■ ■ -,Xn)), 

Vxi . . .x„(/(xi, . . . ,x„) = t), 

Vxi . ..Xn{(p ^ Q(xi, . . . ,Xn)), 

are called the defining axioms for / and Q respectively. 

Extension by Definition belongs to the daily practice of mathematics (and 
science in general). If a certain notion, definable in a given language, plays 
an important role in our considerations, then it is convenient to have a short, 
handy notation for it. 

Think of “x is a prime number” , “x is equal to y or less than y” , “z is the 
maximum of x and y”, etc. 

Examples. 

1 . Characteristic functions 

Consider a theory T with (at least) two constants cq,Ci, such that 
T h Co yf Cl. Let FV{if) = {xi, . . . , x„|, then T h Vxi . . . x„3!y((^ A 
y = Ci)V(->(/5Ay = cq)). (Show this directly or use the Completeness Theorem). 
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The defining axiom for the characteristic function is 

\/xi . ..Xny[{(p A y = Cl) V Ay = C2)) ^ y = Kp{xi,. . .,Xn))- 

2 . Definition by (primitive) Recursion. 

In arithmetic one often introduces functions by recursion, e.g. x(x^. The 
study of these and similar functions belongs to recursion theory; here we 
only note that we can conservatively add symbols and axioms for them. Fact 
(Godel, Davis, Matijasevich): each recursive function is definable in PA, in 
the sense that there is a formula ip of PA such that 

(i) PA h Vii . . . a;„3!?/<p(a;i, . . . , a;„, y) and 

(ii) for fci, . . . , /c„,m e Nf{ki,. . ,,k„) = PA h p{ki, .. .,kn,m). 

For details see [Smoryhski 1991], [Davis 1958]. 

Before ending this chapter, let us briefly return to the topic of Skolem 
functions and Skolem expansions. As we remarked before, the introduction of 
Skolem functions allows us to dispense with certain existential quantifiers in 
formulas. We will exploit this idea to rewrite formulas as universal formulas 
(in an extended language !). 

First we transform the formula (p into prenex normal form p' . Let us 
suppose that p' = \/xi . . .Xr 3 yi’{,xi, . . . ,Xn,y,Zi, . . . ,zu), where zi,...,Zk 
are all the free variables in p. Now consider 

T* = T U {ixi . . . XnZi . . . Zk{^yii{xi,. . . ,Xn,y,zi, . . . ,Zk) ^ 

f{xi, ...,Xn, f{xi, ...,Xn,Zi,..., Zfe), Zi , . . . , Zfc))}- 

By Theorem 3.4.4 T* is conservative over T, and it is a simple exercise in 
logic to show that 

T* h Vii . . . Xn^yipi-, y, -) ^ Vii . . . /(. . .), -). 

We now repeat the process and eliminate the next existential quantifier 
in the prefix of '01 in finitely many steps we obtain a formula p^ in prenex 
normal form without existential quantifiers, which, in a suitable conservative 
extension of T obtained by a series of Skolem expansions, is equivalent to p. 

Warning: the Skolem form p‘^ differs in kind from other normal forms, in the 
sense that it is not logically equivalent to p. 

Theorem 3.4.4 shows that the adding of Skolem Axioms to a theory is 
conservative, so we can safely operate with Skolem forms. The Skolem form 
has the property that is satisfiable if and only if p is so (cf. Exercise 4). 
Therefore it is sometimes called the Skolem form for satisfiability. There is a 
dual Skolem form p^ (cf. Exercise 5), which is valid if and only if p is so. ps 
is called the Skolem form for validity. 

Example. \/xi3i3y2yx23y3yx3\/xi3y4 p{xi,X2, X3, Xi, yi, 2/2, 2/3, 2/4, 21,2:2). 
step 1. Eliminate yp. 

yxi3y2yx23y3yx3yx4:3yi p{xi,X2:X3,xp /(ii, 21, 22), 2/2, 2/3, 2/4, 21, 22) 
step 2. Eliminate 2/2: 
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'ixiX2'^y3^X3Xi3yi f/j(. . . , /(a;i, zi, Z 2 ), g(a;i, 2i, Z 2 ), ys, 2/4, zi, 22 ). 
step 3. Eliminate 2 / 3 : 

VxiX2X3X43y4 </5(- • ■ , fiXi,Zi,Z 2 ),g{Xi,Zi,Z 2 ),h{xi,X 2 , Zi, Z 2 ), 2/4, Zi, Z 2 ) 
step 4. Eliminate 2 / 4 : 

Vxia; 2 a: 3 a ;4 V^(. • ■ , /(xi, zi, Z2), y(a;i, zi, Z2), X2, zi, Z2), 

k{xi,X2,X3,X4,Zi,Z2),Zi,Z2). 

In Skolem expansions we have functions available which pick elements for 
us. We can exploit this phenomenon to obtain elementary extensions. 

Theorem 3.4.9 Consider 21 and IB of the same type. 

g Skolem expansion of^ and QL* C *8®^, where 21* is some expansion 



Definition 3.4.10 Let X C |2t|. The Skolem Hull &x of X is the substruc- 
ture of 21 which is the reduct of the structure generated by X in the Skolem 
expansion 2t®^ o/2l (cf. Exercise 12, section 3.3). 

In other words &x is the smallest substructure of 2t, containing X, which 
is closed under all Skolem functions (including the constants). 

Corollary 3.4.11 For all X C |2l| &x -< 21- 

We now immediately get the strengthening of the downward Skolem- 
Lowenheim Theorem formulated in Theorem 3.3.12, by observing that the 
cardinality of a substructure generated by X is the maximum of the cardi- 
nalities of X and of the language. This holds too in the present case, where 
infinitely many Skolem functions are added to the language). 

Exercises 

1. Consider the example concerning the characteristic function. 

(i) Show T+ h Vxi . . . Xni<p ^ K,p{xi, . . . ,Xn) = Cl). 

(ii) Translate K,^{xi, ...,Xn) = K^{yi, . . .,yn). 

(iii) Show T+ h Vxi . . . Xnyi, . . . , yn{K,p{xi, ...,Xn) = 

K^iyi, . . .,yn)) ^ Vxi . ..Xn(p{xi,. . . ,a;„) V 

'ixi . . .Xn^y^’ixi, . . .,Xn). 

2. Determine the Skolem forms of 



of 21, then 21 -< 25 . 



Proof. We use Exercise 5 of section 3.3. Let ai, . . . , a„ S |2l| 
® h 3y(^(y,ai, . . . ,a„) O 25®'= 
the Skolem function for ip. Since 

/®°'“(ai, . . . ,a„) and so b = (/,^(; 

Hence 25*^= ^ p(b,ai, . . . ,an). This shows 21 -< S. 




□ 



(a) V2/3 x(2i^ -I- i/x — 1 = 0), 

(b) Ve35(e > 0 ^ (5 > 0 A Va;(|a; — a| < i5 — > |/(a;) — f(a)\ < e) 
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(c) 'ix3y(x = f{y)), 

(d) \/xy{x < y — > 3u{u < x) A 3v{y < v) A 3w{x < v Aw < y)), 

(e) \/x3y{x = y'^ \J x = — y^). 

3. Let cr® be the Skolem form of cr. Consider only sentences. 

(i) Show that C U {cr®} is conservative over C U {crj. 

(ii) Put C® = {cr®|cr S C}. Show that for finite C, C® is conservative over 

r. 

(iii) Show that P® is conservative over F for arbitrary F. 

4. A formula ip with FV{(p) = {ii, . . . , a;„} is called satisfiable if there is 
an 21 and ai, . . . ,Qn € |2l| such that 21 |= (f(a, . . . , a„). Show that (f is 
satisfiable iff y?® is satisfiable. 

5. Let cr be a sentence in prenex normal form. We define the dual Skolem 
form as of a as follows: let a = (QiXi) . . . {QnXn)T, where r is quantifier 
free and Qi are quantifiers. Consider a' = {QiXi) . . . {Qj^Xn)^r, where 

= V,3 iff Qi = 3,V. Suppose (ct')® = (Qx^Xi^) . . . ; then 

CTs — . . . (C^i^Xi^^T . 

In words: eliminate from a the universal quantifiers and their variables 
just as the existential ones in the case of the Skolem form. We end up 
with an existential sentence. 

Example. {\/x3y\/z(p{xyx))s = 3y(p{c, y, /(y)). 

We suppose that L has at least one constant symbol. 

(a) Show that for all (prenex) sentences a, ^ cr iff |= CTs. (Hint: look at 
Exercise 4). Hence the name: “Skolem form for validity” . 

(b) Prove Herbrand’s Theorem: 



for some to, where cr( is obtained from as by deleting the quantifiers. 
The tj(i < m,j < n) are certain closed terms in the dual Skolem 
expansion of L. Hint: look at ^(^cr)®. Use Exercise 16, section 3.3 

6. Let T h 3xip{x), with FV{p) = {a;}. Show that any model 21 of T can 
be expanded to a model 21* of T with an extra constant c such that 
21* 1= p{c). Use this for an alternative proof of 3.4.1 

7. Consider I^o the theory of identity “with infinite universe” with axioms 
A„(n £ N) and F^ with extra constants Ci(i € N) and axioms Ci yf Cj for 
i yf j, i,jGN. Show that F^ is conservative over loc- 



m 




4 



Second Order Logic 



In first-order predicate logic the variables range over elements of a structure, 
in particular the quantifiers are interpreted in the familiar way as “for all 
elements a of |2t| ...” and “there exists an element a of |2l| . . .”. We will now 
allow a second kind of variable ranging over subsets of the universe and its 
cartesian products, i.e. relations over the universe. 

The introduction of these second-order variables is not the result of an un- 
bridled pursuit of generality; one is often forced to take all subsets of a struc- 
ture into consideration. Examples are “each bounded non-empty set of reals 
has a suppremum”, “each non-empty set of natural numbers has a smallest 
element” , “each ideal is contained in a maximal ideal” . Already the introduc- 
tion of the reals on the basis of the rationale requires quantification over sets 
of rationale, as we know from the theory of Dedekind cuts. 

Instead of allowing variables for (and quantification over) sets, one can also 
allow variables for functions. However, since we can reduce functions to sets 
(or relations), we will restrict ourselves here to second-order logic with set 
variables. 

When dealing with second-order arithmetic we can restrict our attention to 
variables ranging over subsets of N, since there is a coding of finite sequences 
of numbers to numbers, e.g. via Godel’s /3-function, or via prime factorisation. 
In general we will, however, allow for variables for relations. 

The introduction of the syntax of second-order logic is so similar to that 
of first-order logic that we will leave most of the details to the reader. 

The alphabet consists of symbols for 

(i) individual variables: Iq, Si, 2:2, . . ., 

(ii) individual constants: cq, ci, C2, . . ., 
and for each n > 0, 

(iii) n-ary set (predicate) variables: Aq , A", A^, . . . , (iv) n-ary set (predi- 
cate) constants: ±, Pq, P 2 , ■ ■ ■ , (v) connectives : A, V, 3, V. 

Finally we have the usual auxiliary symbols: ( , ) , , . 
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Remark. There are denumerably many variables of each kind. The number of 
constants may be arbitrarily large. 

Formulas are inductively defined by: 

(i) X°,pO,_Le FORM, 

(ii) for n > 0 . . . ,t„) S FORM, . . . ,t„) € FORM, 

(iii) FORM is closed under the propositional connectives, 

(iv) FORM is closed under first- and second-order quantification. 

Notation. We will often write {x\,. . . , Xn) G X" for X”(xi, . . . , x„) and 
we will usually drop the superscript in X". 

The semantics of second-order logic is defined in the same manner as in 
the case of first-order logic. 



Definition 4.1 A second-order structure is a sequence 21 = {A, A* ,c* , R*) , 
where A* = (A„|n G N),c* = {ci\i G N} C A, 

R* = € N), and A^ C V{A^),Rf G A„. 

In words: a second-order structure consists of a universe A of individuals 
and second-order universes of n-ary relations (n > 0), individual constants 
and set (relation) constants, belonging to the various universes. 

In case each An contains all n-ary relations (i.e. An = V{A'^)), we call 21 
full. 

Since we have listed T as a 0-ary predicate constant, we must accomodate 
it in the structure 21. 

In accordance with the customary definitions of set theory, we write 
0 = 0, 1 = 0 and 2 = {0, 1}. Also we take A^ = 1, and hence Ag C V{A^) = 
V{1) = 2. By convention we assign 0 to T. Since we also want a distinct 0-ary 
predicate (proposition) T := ^ T, we put 1 G Aq. So, in fact, Aq = V{A°) = 2. 

Now, in order to define validity in 21, we mimic the procedure of first- 
order logic. Given a structure 21, we introduce an extended language T(2t) 
with names S for all elements S' of A and A„(n e N). The constants Rf are 
interpretations of the corresponding constant symbols Pf. 

We define 21 |= is true or valid in 21, for closed ip. 



Definition 4.2 (ij Ql \= S if S = 1, 

(ii) 21 1= S"(si,...,s„)i/(si,...,s„) € S", 

(iii) the propositional connectives are interpreted as usual (cf. 1.2.1, 2.4-5), 

(iv) 21 1= yxip{x)ifil \= ip(s)for alls G A, 

21 1= 3x(fi{x)ifii 1= ip(s)for somes G A, 

(v) 21 h VA"(/?(A’")j/2l h V^(S")/or allS^ G A„, 

21 h h ^(S'^)for Somes'^ G A„. 
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If 2t 1= we say that tp is true, or valid, in 2t. 



As in first-order logic we have a natural deduction system, which con- 
sists of the usual rules for first-order logic, plus extra rules for second-order 
quantifiers. 









yx^if 

*■ 



y^E 



* 






3 ^/ 



3A"(/j '0 

0 






where the conditions on V^/ and 3'^E are the usual ones, and ip* is obtained 
from If by replacing each occurrence of . . . , by cr(ti, . . . , for a 

certain formula a, such that no free variables among the U become bound 
after the substitution. 

Note that 3^1 gives us the traditional Comprehension Schema: 



3A"Va;i . . .Xn[p{xi, . . . ,a;„) ^ X'^{xi, . . .,Xn)], 
where A” may not occur free in ip. 

Proof. 

yXi...Xn{p{xi,...,Xn) ^ p{xi , . . . , Xn)) 

3^1 

3X"^yXi . ..Xn{p{xi,. ..,Xn)^ A"(xi, . . .,Xn)) 

Since the topline is derivable, we have a proof of the desired principle. 
Conversely, 3^1 follows from the comprehension principle, given the ordinary 
rules of logic. The proof is sketched here [x and t stand for sequences of 
variables or terms; assume that A" does not occur in a). 

[V0(cr(0) ^ A"'(x))] 

^ A"(t ) ^ 

<^(...,A"(T ),...) 

* 

3A>(...,A-(7),...) 



In f a number of steps are involved, i.e. those necessary for the Substitu- 
tion Theorem. In * we have applied a harmless 3-introduction, in the sense 
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that we went from a instance involving a variable to an existence statement, 
exactly as in first-order logic. This seems to beg the question, as we want to 
justify 3^-introduction. However, on the basis of the ordinary quantifier rules 
we have justified something much stronger than * on the assumption of the 
Comprehension Schema, namely the introduction of the existential quantifier, 
given a formula a and not merely a variable or a constant. 

Since we can define from 3^ a similar argument works for V^if. 

The extra strength of the second-order quantifier rules lies in V^I and 3'^E. 
We can make this precise by considering second-order logic as a special kind 
of first-order logic (i.e. “flattening” 2”‘^-order logic). The basic idea is to in- 
troduce special predicates to express the relation between a predicate and its 
arguments. 

So let us consider a first-order logic with a sequence of predicates Apa, 
Api,Ap 2 , Ap 3 , . . . , such that each Apn is {n + l)-ary. We think of 
Apn{x,yi, ■■.,yn) as . . -,yn)- 

For n = 0 we get Apq{x) as a first-order version of X^, but that is in 
accordance with our intentions. is a proposition (i.e. something that can 
be assigned a truth value), and so is Apo(x). We now have a logic in which 
all variables are first-order, so we can apply all the results from the preceding 
chapters. 

For the sake of a natural simulation of second-order logic we add unary 
predicates V, Uq, Ui,U 2 , . . ., to be thought of as “is an element”, “is a o-ary 
predicate (i.e. proposition)” “is a 1-ary predicate”, etc. 

We now have to indicate axioms of our first-order system that embody the 
characteristic properties of second-order logic. 

(i) \/xyz{Ui{x) A Uj{y) A V{z) ^ x y A y z A z ^ x) for all i j . 

(i.e. the Ufs are pairwise disjoint, and disjoint from V). 

(ii) yxyi . . ,yn{Apn{x,yi, ...,?/„) ^ Un{x) A ^ ^V{yi)) for n > 1. 

(i.e. if a;, 2 / 1 , . . . , are in the relation Apn, then think of a; as a predicate, 
and the yfs as elements). 

(iii) f7o(Co, l^(C' 2 i+i), for i > 0, and Un{Cy.^n)^ for i,n > 0. 

(i.e. certain constants are designated as “elements” and “predicates”). 

(iv) Vzi . . . Zm^x[Uni,x) A V?/i . . . 2/n(A V (pi) (ip* ^ Apn(x, 2 / 1 , ... , 2/n)))], 
where x ^ FV{ip*), see below. (The first-order version of the comprehen- 
sion schema. We assume that FV{(p) C {z\, . . . , Zn,yi, ■ ■ ■ ,yn}- 

(v) ^Apo{Co). (so there is a 0-ary predicate for ‘falsity’). 

We claim that the first-order theory given by the above axioms represents 
second-order logic in the following precise way: we can translate second-order 
logic in the language of the above theory such that derivability is faithfully 
preserved. 

The translation is obtained by assigning suitable symbols to the various 
symbols of the alphabet of second-order logic and defining an inductive pro- 
cedure for converting composite strings of symbols. We put 
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{Xi)* 


— , 


{Ci)* 


= C2i+i , for z > 0, 








= €31.571, for z > 0,n > 


(X°)* 


= Apa{xy),iov i > 0, 


(p°r 


= ^Po(c 30 >for i > 0, 


i±)* 


= Apo{co)- 



Furthermore: 



:= for binary connectives □ and 

:= -,(p* and 

{yxiiflxi))* ■.= yx*{V{x*) ^ if*{x*)) 

{3xiip{xi)Y := 3x*{y{xt) A (f*{xf)) 

(VX^ip(Xp))* ■.= V(Xp)*(Un(X^Y*) ^ V’*(x?)*)) 
(3Xp^(Xp)r := 3(Xpr(Un((Xp)*) A (^*((a^r)*)) 



It is a tedious but routine job to show that l ~2 ip ip*, where 2 and 1 refer 
to derivability in the respective second-order and first-order systems. 



Note that the above translation could be used as an excuse for not doing 
second-order logic at all, were it not for the fact that first-order version is not 
nearly so natural as the second-order one. Moreover, it obscures a number 
of interesting and fundamental features, e.g. validity in all principal models 
see below, makes sense for the second-order version, whereas it is rather an 
extraneous matter with the first-order version. 



Definition 4.3 A second-order structure 21 is called a model of second- order 
logic if the comprehension schema is valid in 21. 

If 21 is full (i.e. An = V{AY for all n), then we call 21 a principal (or 
standard) model. 

From the notion of model we get two distinct notions of “second-order 
validity”: (i) true in all models, (ii) true in all principal models. 

Recall that % \= ip was defined for arbitrary second-order structures; we 
will use 1= if for “true in all models” . 

By the standard induction on derivations we get ip ^ \= 

Using the above translation into first-order logic we also get \= p ^ \~2 ip- 
Combining these results we get 



Theorem 4.4 (Completeness Theorem) \~2 p 
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Obviously, we also have ^ is true in all principal models. The 

converse, however, is not the case. We can make this plausible by the following 
argument: 

(i) We can define the notion of a unary function in second-order logic, and 
hence the notions ‘bijective’ and ‘surjective’. Using these notions we can 
formulate a sentence a, which states “the universe (of individuals) is finite” 
(any injection of the universe into itself is a surjection). 

(ii) Consider F = {a} U {A„|n € TV}. F is consistent, because each finite 
subset {a, A„^ , . . . , A„^ } is consistent, since it has a second-order model, 
namely the principal model over a universe with n elements, where n = 
maa;{ni, . . . ,nfe|. 

So, by the Completeness Theorem above F has a second-order model. Suppose 
now that F has a principal model 21. Then |2t| is actually Dedekind finite, and 
(assuming the axiom of choice) finite. Say 21 has uq elements, then 21 ^ A„p+i. 
Contradiction. 

We see that F has no principal model. Hence the Completeness Theorem 
fails for validity w.r.t. principal models (and likewise compactness). To find 
a sentence that holds in all principal models, but fails in some model a more 
refined argument is required. 

A peculiar feature of second-order logic is the definability of all the usual 
connectives in terms of V and 



Theorem 4.5 (a) VA°.A°, 

(6) h2 A V' ^ VA°(((^ X°)) ^ A°), 

(c) h 2 V V' ^ yX°{{ip X^) X^) ^ A°), 

Id) h2 ^xip ^ yX°{\/x{ip X°) X°), 

(e) h 2 ^ VA°(VX"(((^ ^ X°) X°). 

Proof, (a) is obvious. 
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Conversely, 

M W 

(fi Atp 

^ ^ X°)) ^ 

ip —f {ijj ^ {ip A tjj)) ip ^ {'ip ^ {ip A Ip)) ^ ip Alp 
p Alp 



(d) 



[Vx(yj(a;) ^ X)] 
[y>(a:)] p{x) X 
X 

3xp{x) \/x{p{x) X) ^ X 
\fx{p{x) ^X)-.X 
yX{\ix{p{x) ^X)^X) 



Conversely, 

Wix)] 

3xp{x) 

p{x) 3xp{x) yXpix{p{x) — >■ X) — >■ X) 

\/x{p{x) — > 3xp{x)) \/x{p{x) — > 3xp{x)) — >■ 3xp{x) 

3xp{x) 



(c) and (e) are left to the reader. □ 

In second-order logic we also have natural means to define identity for 
individuals. The underlying idea, going back to Leibniz, is that equals have 
exactly the same properties. 



Definition 4.6 (Leibniz-identity) x = y:= yX{X{x) ^ X{y)) 

This defined identity has the desired properties, i.e. it satisfies Ji, . . . , J4. 
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Theorem 4.7 (*) \~2 x = x 

(a) h2X = y^y = x 

(Hi) \~2X = yAy = z^x = z 

(iv) h 2 X = y^ (ip(x) ipiy)) 

Proof. Obvious. □ 

In case the logic already has an identity relation for individuals, say =, we 
can show 



Theorem 4.8 \~2 x = y x = y. 

Proof, —f is obvious, by I 4 . <— is obtained as follows: 

VX(X(x) X{y)) 
x=x x=x x=y 

x=y 



In we have substituted z = x for X(z). □ 

We can also use second-order logic to extend Peano’s Arithmetic to second- 
order arithmetic. 

We consider a second-order logic with (first-order) identity and one binary 

predicate constant S', which represents, intuitively, the successor relation. The 
following special axioms are added: 

1. 3\xiy^S{y,x) 

2. yx3\yS{x,y) 

3. \/xyz{S{x, z) AS{y,z) ^ X = y) 

For convenience we extend the language with numerals and the succes- 
sor function. This extension is conservative anyway, under the following 
axioms: 

(i) Vy^S(y,0), 

(ii) S(n, n + 1), 

(iii) y = x+ ^ S{x,y). 

We now write down the induction axiom (N.B., not a schema, as in first- 
order arithmetic, but a proper axiom!). 

4. VW(A:(0) a yx{X{x) x(a;+)) ^ Va:X(a;)) 

The extension from first-order to second-order arithmetic in not conserv- 
ative. It is, however, beyond our modest means to prove this fact. 

One can also use the idea behind the induction axiom to give an (induc- 
tive) definition of the class of natural numbers in a second-order logic with 
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axioms (1), (2), (3): N is the smallest class containing 0 and closed under the 
successor operation. 

Let ,^{x) := VX[(X(0) A Vy(X(y) ^ X{y+)) ^ X{x)\. 

Then, by the comprehension axiom BYyx^v^x) <-> y(a;)). 

As yet we cannot assert the existence of a unique Y satisfying \/x(y{x) <-!• 
Y{x))^ since we have not yet introduced identity for second-order terms. 
Therefore, let us add identity relations for the various second-order terms, 
plus their obvious axioms. 

Now we can formulate the 

Axiom of Extensionality . 

V X {X^(x) ^ F"(s)) ^ X" = y" 

So, finally, with the help of the axiom of extensionality, we can assert 

3\Y'\!x{i'{x) <-!■ Y{x)). Thus we can conservatively add a unary predicate con- 
stant N with axiom Vx(iy(x) <-> N(x)). 

The axiom of extensionality is on the one hand rather basic - it allows 
definition by abstraction (“the set of all x, such that ...”), on the other hand 
rather harmless - we can always turn a second-order model without exten- 
sionality into one with extensionality by taking a quotient with respect to the 
equivalence relation induced by =. 



Exercises 

1 . Show that the restriction on X” in the comprehension schema cannot be 
dropped (consider -^X(x)). 

2. Show r l ~2 ip ^ r* hi ip* (where F* = {'0*|'0 ^ T}). 

Hint: use induction on the derivation, with the comprehension schema 
and simplified V, 3— rules. For the quantifier rules it is convenient to con- 
sider an intermediate step consisting of a replacement of the free variable 
by a fresh constant of the proper kind. 

3. Prove (c) and (e) of Theorem 4.5. 

4. Prove Theorem 4.7. 

5. Give a formula (p{X‘^), which states that X^ is a function. 

6. Give a formula ‘p(X'^) which states that X^ is a linear order. 
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7. Give a sentence a which states that the individuals can be linearly or- 
dered without having a last element (cr can serve as an infinity axiom). 

8. Given second-order arithmetic with the successor function, give axioms 
for addition as a ternary relation. 

9. Let a second-order logic with a binary predicate constant < be given with 
extra axioms that make < a dense linear ordering without end points. 
We write a; < y for < (x,y). W is a Dedekind Cut if 3xX{x) A3x^X{x) A 
\/x{X{x) Ay < X X{y)). Define a partial ordering on the Dedekind 
cuts by putting X < X' .= yx{X{x) — *■ X'{x)). Show that this partial 
order is total. 

10. Gonsider the first-order version of second-order logic (involving the pred- 
icates Apn, Un, V) with the axiom of extensionality. Any model 21 of this 
first-order theory can be “embedded” in the principal second-order model 
over Lat = {a G |2t||2l |= V{a}, as follows. 

Define for any r €Un f(r) = {(ai, . . . ,a„)|2l [= Apn{r,aT, . . . ,071)} 
Show that / establishes an “isomorphic” embedding of 2t into the cor- 
responding principal model. Hence principal models can be viewed as 
unique maximal models of second-order logic. 

11. Formulate the axiom of choice - for each number x there is a set X ... - 
in second-order arithmetic. 

12. Show that in definition 4.6 a single implication suffices. 



5 



Intuitionistic Logic 



5.1 Constructive Reasoning 



In the preceding chapters, we have been guided by the following, seemingly 
harmless extrapolation from our experience with finite sets: infinite universes 
can be surveyed in their totality. In particular can we in a global manner 
determine whether 2t |= 3xLp{x) holds, or not. To adapt Hermann Weyl’s 
phrasing: we are used to think of infinite sets not merely as defined by a 
property, but as a set whose elements are so to speak spread out in front of 
us, so that we can run through them just as an officer in the police office 
goes through his file. This view of the mathematical universe is an attractive 
but rather unrealistic idealization. If one takes our limitations in the face of 
infinite totalities seriously, then one has to read a statement like “there is a 
prime number greater than 10^° ” in a stricter way than “it is impossible 
that the set of primes is exhausted before 10^° ”. For we cannot inspect the 
set of natural numbers in a glance and detect a prime. We have to exhibit a 
prime p greater than 10^° . 

Similarly, one might be convinced that a certain problem (e.g. the deter- 
mination of the saddle point of a zero-sum game) has a solution on the basis 
of an abstract theorem (such as Brouwer’s fixed point theorem). Nonetheless 
one cannot always exhibit a solution. What one needs is a constructive method 
(proof) that determines the solution. 

One more example to illustrate the restrictions of abstract methods. Con- 
sider the problem “Are there two irrational numbers a and b such that is 



V2 . 



rational?” We apply the following smart reasoning: suppose 
then we have solved the problem. Should \/2 be irrational then I \[2 I 



IS rational, 
C2 



is rational. In both cases there is a solution, so the answer to the problem is: 
Yes. However, should somebody ask us to produce such a pair a, 6, then we 
have to engage in some serious number theory in order to come up with the 
right choice between the numbers mentioned above. 
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Evidently, statements can be read in an inconstructive way, as we did in 
the preceding chapters, and in a constructive way. We will in the present chap- 
ter briefly sketch the logic one uses in constructive reasoning. In mathematics 
the practice of constructive procedures and reasoning has been advocated by 
a number of people, but the founding fathers of constructive mathematics 
clearly are L. Kronecker and L.E.J. Brouwer. The latter presented a complete 
program for the rebuilding of mathematics on a constructive basis. Brouwer’s 
mathematics (and the accompaying logic) is called intuitionistic, and in this 
context the traditional nonconstructive mathematics (and logic) is called clas- 
sical. 

There are a number of philosophical issues connected with intuitionism, 
for which we refer the reader to the literature, cf. Dummett, Troelstra-van 
Dalen. 

Since we can no longer base our interpretations of logic on the Action 
that the mathematical universe is a predetermined totality which can be sur- 
veyed as a whole, we have to provide a heuristic interpretation of the logical 
connectives in intuitionistic logic. We will base our heuristics on the proof- 
interpretation put forward by A. Heyting. A similar semantics was proposed 
by A. Kolmogorov; the proof-interpretation is called the Brouwer-Heyting- 
Kolmogorov (BHK)-interpretation . 

The point of departure is that a statement tp is considered to be true 
(or to hold) if we have a proof for it. By a proof we mean a mathematical 
construction that establishes <p, not a deduction in some formal system. For 
example, a proof of ‘2 -|- 3 = 5’ consists of the successive constructions of 2, 3 
and 5, followed by a construction that adds 2 and 3, followed by a construction 
that compares the outcome of this addition and 5. 

The primitive notion is here “a proves (/?”, where we understand by a proof 
a (for our purpose unspecified) construction. We will now indicate how proofs 
of composite statements depend on proofs of their parts. 

(a) a proves ip A tp := a is a pair {b, c) such that b proves p and c proves tp. 

(V) a proves p M pj := a is a pair {b, c) such that 6 is a natural number and 
if 6 = 0 then c proves p, ii b ^ Q then c proves ip. 

(— >) a proves p pj := a is a construction that converts any proof p oi p 
into a proof a{p) of ip. 

(T) no a proves T. 

In order to deal with the quantifiers we assume that some domain D of 
objects is given. 

(V) a proves yxp{x) := a is a construction such that for each b G D a{b) 
proves p(b). 

(3) a proves 3xp{x) := a is a pair (6, c) such that b G D and c proves p(b). 

The above explanation of the connectives serves as a means of giving the 
reader a feeling for what is and what is not correct in intuitionistic logic. It is 
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generally considered the intended intuitionistic meaning of the connectives. 
Examples. 

1. (f Alp ^ (fi is true, for let (a, b) be a proof of (p A ip, then the construction 
c with c(a, b) = a converts a proof oi p Aip into a proof of ip. So c proves 
{pAip^ p). 

2. {p A Ip ^ a) ^ {p ^ {ip ^ O’)). Let a prove p A ip ^ a, i.e. a converts 
each proof (6, c) of p A ip into a proof a{b, c) of cr. Now the required proof 
p of p (ip —> a) is a construction that converts each proof b of p into 
a p(b) of Ip a. So p(b) is a construction that converts a proof c of ip 
into a proof {p{b)){c) of a. Recall that we had a proof a{b, c) of cr, so put 
{p{b){c) = a{b,c)\ let q be given by q{c) = a(b,c), then p is defined by 
p(b) = q. Clearly, the above contains the description of a construction 
that converts a into a proof p of p (ip ^ a). (For those familiar with 
the A-notation: p = Xb.Xc.a{b, c), so Xa.Xb.Xc.a{b,c) is the proof we are 
looking for). 

3. -<3xp{x) ^yx-^p{x). 

We will now argue a bit more informal. Suppose we have a construction a 
that reduces a proof of 3xp{x) to a proof of _L. We want a construction 
p that produces for each d G D a proof of p{d) — >_L, i.e. a construction 
that converts a proof of p{d) into a proof of _L. So let 6 be a proof of 
p{d), then (d,b) is a proof of 3xp{x), and a{d,b) is a proof of _L. Hence 
p with {p{d)){b) = a{d,b) is a proof of This provides us with a 

construction that converts a into p. 



The reader may try to justify some statements for himself, but he should 
not worry if the details turn out to be too complicated. A convenient handling 
of these problems requires a bit more machinery than we have at hand (e.g. 
A-notation) . Note, by the way, that the whole procedure is not unproblematic 
since we assume a number of closure properties of the class of constructions. 

Now that we have given a rough heuristics of the meaning of the logical 
connectives in intuitionistic logic, let us move on to a formalization. As it 
happens, the system of natural deduction is almost right. The only rule that 
lacks constructive content is that of Reduction ad Absurdum. As we have seen 

(p. 38), an application of RAA yields I <^p p, but for ^^p ^ p to hold 

informally we need a construction that transforms a proof of ^^p into a proof 
of p. Now a proves ~^^p if a transforms each proof b of ~^p into a proof of 
T, i.e. there cannot be a proof b of ^p. b itself should be a construction that 
transforms each proof c of p into a proof of T. So we know that there cannot 
be a construction that turns a proof of p into a proof of T, but that is a long 
way from the required proof of p\ (cf. ex. 1) 
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5.2 Intuitionistic Propositional and Predicate Logic 

We adopt all the rules of natural deduction for the connectives V, Ai -L, 3,V 
with the exception of the rule RAA. In order to cover both propositional and 
predicate logic in one sweep we allow in the alphabet (cf. 2.3,p. 60) 0-ary 
predicate symbols, usually called proposition symbols. 

Strictly speaking we deal with a derivability notion different from the one 
introduced earlier (cf. p.36), since RAA is dropped; therefore we should use a 
distinct notation, e.g. h^. However, we will continue to use h when no confu- 
sion arises. 

We can now adopt all results of the preceding parts that did not make use 
of RAA. 

The following list may be helpful: 

Lemma 5.2.1 (1) h tp A ■i/' ^ '0 A (p.32) 

( 2 ) 

(3) h (</5 A 0) A (7 A ('0 A (t) 

(4) h ((^ V 0) V (7 <->■ V (0 V (t) 

(5) h V (0 A (t) <->■ (:/? V 0) A (:/? V a) 

(6) h A (0 V (t) <->■ A 0) V {(f A a) (p.51) 

(7) \- (p — > ~^^ip (p.33) 

(8) h (v? ^ (0 ^ cr)) ^ A 0 ^ (j) (p.33) 

(9) h V? ^ (0 ^ ip) (p.37) 

(10) \- {-^p 0) (p.37) 

(11) I i(p V 0) —>p A -10 

(12) I <p V ->ijj ~^{p A 0) 

(13) h {^p V 0) ^ (<p ^ 0) 

(14) \- (p^tjj) ^ {-ill; -.vj)(p.37) 

(15) \- (p^tp)^ ((0 ^a)^{p^ a)) (p.37) 

(16) (</3 A ->f^) (p.37) 

(17) h 3x{p{x) V 0(a;)) 3xp{x) V 3x'ip{x) 

(18) h WxIpIx) a 0(a;)) \/xp{x) A 'ixip^x) 

(19) I <3xp{x) \/x^p{x) 

(20) h 3x^p\x) -A/xp\x) 

(21) h \/x{p ip{x)) ^ {p ^ \/xijj{x)) 

(22) h 3x\p 0(a:)) ^ (tp ^ 3xip\x)) 

(23) b (</3 V \/xijj{x)) yx{p V 0(a:)) 

(24) b (</3 A 3xip{x)) ^ 3a;(:/3 A ip{x)) 

(25) b 3x{p{x) ^ 0) — *■ {\/xp{x) 0) 

(26) b \/x\p\x) ^ 0) (3xf^(a;) ^ 0) 

(Observe that (19) and (20) are special cases of (26) and (25). 

All of those theorems can be proved by means of straight forward applica- 
tion of the rules. Some well-known theorems are conspicuously absent, and in 
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some cases there is only an implication one way; we will show later that these 
implications cannot, in general, be reversed. 

From a constructive point of view RAA is used to derive strong conclusions 
from weak premises. E.g. in I — upW-itl) the premise is weak (something 

has no proof) and the conclusion is strong, it asks for an effective decision. 
One cannot expect to get such results in intuitionistic logic. Instead there is 
a collection of weak results, usually involving negations and double negations. 



Lemma 5.2.2 (1) I — <(p <->■ 

(2) h tp) 

(3) \- {(p^tp) ^ ~^^tp) 

(4) I — '“'(</? —>■ Ip) ^ 

(5) I — >^{(p Alp) A -<-i'tp) 

(6) I — >A\/xip{x) —>■ yx^^(fi{x) 

r . 

In order to abbreviate derivations we will use the notation = in a deriva- 
tion when there is a derivation for F \- p {F has 0, 1 or 2 elements). 



Proof. (1) - 

again use 5. 2. 1(7) 



— t— 



follows from Lemma 5.2.1 (7). For the converse we 
[p A -^ipf 

p [p^p)Y 

lP -ntP 



_L 

^p 



2 



-.p 



np 



_L 

1 

-n{p tP) 

{pA^ip) ~^(p 'tp) 



2 



ip [-^tp]'^ 






_L 

— 1 



-^p 



_L 



—i—i'ip 



2 



np 



Ttp 



3 



(p^tp)^ {^^p ■ 



"V') 



4 
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Prove (3) also by using (14) and (15) from 5.2.1 

(4) Apply the intuitionistic half of the contraposition (Lemma 5.2.1(14)) to 

( 2 ): 



t((^ a -i' 0) Lp A -Tip 

-ncp 






Tip 



■^ip — > —I— Ip] 



T^i^ip > ■ 0 ) >■ > T—llp'j 

For the converse we apply some facts from 5.2.1. 



n{p -T P))Y 



t(- 1(^ V Tp) 
ITp A -Tp 



-.p 



\-^Tp — >■ —i—iipY 



-Ip] 



Yp -t p)Y 
-^{-^p V p) 

T—,p A -Ip 
—Ip 



± 



Pp -t p) 



{t^P >■ T—lp'j S- T^(^p > '0) 



(5) Apply (3) to pAp — > p and pAp -r p. The derivation of the converse 
is given below. 

[t(pAP)Y pAp 

[t^p a ^^PY 



_L 

Tp 



-.p 



np A ^^PY 

T-ip 



_L 

—Ip 



_L 



ppAp) 



{T-ip A -<-<p) -T -'t[p a P) 
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(6) h 3x^ip{x) -Nx(p{x)^ 5.2.1(20) 
so -^^yx^p{x) — > -^3x^^p{x), 5.2.1(14) 
hence ^^Va;<p(a;) — > 'ix^^^p{x). 5.2.1(19) 

Most of the straightforward meta-theorems of propositional and predicate 
logic carry over to intuitionistic logic. The following theorems can be proved 
by a tedious but routine induction. 



Theorem 5.2.3 (Substitution Theorem for Derivations) If T> is a 

derivation and $ a propositional atom, then 'D[ip/%] is a derivation if the free 
variables of tp do not occur bound in T>. 



Theorem 5.2.4 (Substitution Theorem for Derivability) If F \- a and 

$ is a propositional atom, then T[(/3/$] h cr[(/j/$], where the free variables of ip 
do not occur bound in a or F. 

Theorem 5.2.5 (Substitution Theorem for Equivalence) 

r\- {ifi ^ 1P2) ('0bi/$] ^ 1p[p2/^), 

F \- ipi -1^ tp2 ^ F \- '0[</3l/$] ^ iIj['P 2/%], 
where $ is an atomic proposition, the free variables of ip \ and tp 2 do not occur 
bound in F or if and the bound variables of if do not occur free in F. 

The proofs of the above theorems are left to the reader. Theorems of this 
kind are always suffering from unaesthetic variable-conditions. In practical 
applications one always renames bound variables or considers only closed hy- 
potheses, so that there is not much to worry. For precise formulations cf. Ch. 6. 

The reader will have observed from the heuristics that V and 3 carry most 
of the burden of constructiveness. We will demonstrate this once more in an 
informal argument. 

There is an effective procedure to compute the decimal expansion of 
7 t( 3, 1415927 .. .). Let us consider the statement ipn := in the decimal ex- 
pansion of 7T there is a sequence of n consecutive sevens. 

Clearly Piqq F99 holds, but there is no evidence whatsoever for 

^T’lOO V ipgg. 

The fact that A, — V, T do not ask for the kind of decisions that V and 3 
require, is more or less confirmed by the following 



Theorem 5.2.6 If ip does not contain V or 3 and all atoms but F in ip are 
negated, then \- ip 

Proof. Induction on ip. 

We leave the proof to the reader. (Hint: apply 5.2.2.) 



□ 
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By definition intuitionistic predicate (propositional) logic is a subsystem 
of the corresponding classical systems. Godel and Gentzen have shown, how- 
ever, that by interpreting the classical disjunction and existence quantifier in 
a weak sense, we can embed classical logic into intuitionistic logic. For this 
purpose we introduce a suitable translation: 



Definition 5.2.7 The mapping ° : FORM — > FORM is defined by 

(i) _L° := _L and ip° := for atomic (p dinstinct from _L . 

(a) (tp A := (f° A ip° 

(Hi) {ip V := A -rf°) 

(iv) {p 'ip)° := p° tp° 

(v) (yxp{x))° -.= ^xp°{x) 

(vi) l3xplx))° := -^yx->p°{x) 

This mapping is called the Godel translation. 

We define F° = {p°\p € F}. The relation between classical derivability (he) 
and intuitionistic derivability (h^ is given by 



Theorem 5.2.8 F \~c p ^ F° \~i p° . 

Proof. It follows from the preceding chapters that \~c p p° , therefore <J= is 
an immediate consequence of F \~i p ^ F \~c p. 

For =^, we use induction on the derivation T> of p from F. 

1. p G F, then also p° G F° and hence F° h^ p° . 

2. The last rule of I? is a propositional introduction or elimination rule. We 
consider two cases: 

I [p] Induction hypothesis 7^°, hi -0°. 

25 By — > / F° \- i p° ^ il}° , and so by definition 

r° h {p ^ 0)°. 

p^ij} 



\/E 


[^] 


m 


Induction hypothesis: F° hi {p V tp)° 


V 


Vi 


V2 


F°,p° h a°F°,r K 


p\/ Ip 


a 


a 


(where F contains all imcancelled 
hypotheses involved). 




A%°), 




F° h, -n{-^p° 


hi p° 


^a°,F° hi 0“ 



The result follows from the derivation below: 
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[^o]2 ^ 



t °13 



^013 






± 



n^p 



ntP° 






A -V'° 









O 



3 



a 



o 



The remaining rules are left to the reader. 

3. The last rule of T> is the falsum rule. This case is obvious. 

4. The last rule of I? is a quantifier introduction or elimination rule. Let us 
consider two cases. 



V/ V 

^p{x) 



'^X(p{x) 



3E : 



V 



Induction hypothesis: F° \~i (p{x)° 

ByV/ r° \~i yxip{x)° ,so r° \-i (yxip(x)y 



[(/j(a;)] Induction hypothesisiT” hi {3x(p{x)Y 



So r° hi (^Va;-'V3(a;))° and 
3xip{x) a r° ^,yx{ip{x)° ^cr°). 



\!x{(p{x)° — >■ a°) 
^{xY ^ 



3ix^(p{xY 



T 

yx^if{x)° 



We now get F° h^ a° . 
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5. The last rule of T> is RAA. 

Induction hypothesis F° , l-j_L . 

T> so r° hj -‘-i(/3°,and hence by Theorem 5.2.6 F° hj 
T 

ip □ 

Let us call formulas in which all atoms occur negated, and which contain 
only the connectives A,^,V, T, negative. 

The special role of V and 3 is underlined by 



Corollary 5.2.9 Classical predicate (propositional) logic is conservative over 
intuitionistic predicate (propositional) logic with respect to negative formulae, 
i.e. \~c p p for negative p. 

Proof. p° , for negative p, is obtained by replacing each atom p by ~^^p. Since 
all atoms occur negated we have \~i p° ^ p (apply 5. 2. 2(1) and 5.2.6). The 
result now follows from 5.2.8. □ 

In some particular theories (e.g. arithmetic) the atoms are decidable, i.e. 
F \- p\/ -<p for atomic p. For such theories one may simplify the Godel trans- 
lation by putting p° := p for atomic p. 

Observe that Corollary 5.2.9 tells us that intuitionistic logic is consistent 
iff classical logic is so (a not very surprising result!). 

For propositional logic we have a somewhat stronger result than 5.2.8. 



Theorem 5.2.10 (Glivenko’s Theorem) \~c p ~^^p. 

Proof. Show by induction on p that \~i p° -n^p (use 5.2.2), and apply 5.2.8. 

□ 



5.3 Kripke Semantics 

There are a number of (more or less formalized) semantics for intuitionistic 
logic that allow for a completeness theorem. We will concentrate here on the 
semantics introduced by Kripke since it is convenient for applications and it 
is fairly simple. 

Heuristic motivation. Think of an idealized mathematician (in this context 
traditionally called the creative subject), who extends both his knowledge and 
his universe of objects in the course of time. At each moment k he has a stock 
Afc of sentences, which he, by some means, has recognised as true and a stock 
Ak of objects which he has constructed (or created). Since at every moment 
k the idealized mathematician has various choices for his future activities 
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(he may even stop alltogether), the stages of his activity must be thought 
of as being partially ordered, and not necessarily linearly ordered. How will 
the idealized mathematician interpret the logical connectives? Evidently the 
interpretation of a composite statement must depend on the interpretation 
of its parts, e.g. the idealized mathematician has established or (and) ip at 
stage k if he has established ip at stage k or (and) ip at stage k. The implica- 
tion is more cumbersome, since ip ^ ip may be known at stage k without (p or 
Ip being known. Clearly, the idealized mathematician knows ip —> ip aA, stage 
k if he knows that if at any future stage (including k) ip is established, also ip 
is established. Similarly \/xip{x) is established at stage k if at any future stage 
(including k) for all objects a that exist at that stage ip{a) is established. 

Evidently we must in case of the universal quantifier take the future into 
account since for all elements means more than just “for all elements that 
we have constructed so far” ! Existence, on the other hand, is not relegated to 
the future. The idealized mathematician knows at stage k that 3xip{x) if he 
has constructed an object a such that at stage k he has established ip{a). Of 
course, there are many observations that could be made, for example that it 
is reasonable to add “in principle” to a number of clauses. This takes care of 
large numbers, choice sequences etc. Think of yxy3z{z = x'^), does the ide- 
alized mathematician really construct 10^° as a succession of units? For this 
and similar questions the reader is referred to the literature. 

We will now formalizealize the above sketched semantics. 

It is for a first introduction convenient to consider a language without 
functions symbols. Later it will be simple to extend the language. 

We consider models for some language L. 



Definition 5.3.1 A Kripke model is a quadruple 1C = {K, S, C, D) , where K 
is a (non-empty) partially ordered set, C a function defined on the constants 
of L, D a set valued function on K,S a function on K such that 

- C(c) € D{k) for all k G K, 

- D{k) 7 ^ 0 for all k G K, 

- S{k) C Atk for all k G K, 

where Atk is the set of all atomic sentences of L with constants for the ele- 
ments ofD(k). D and S satisfy the following conditions: 

(i) k < I ^ D{k) C D{1). 

(ii) K{k), for all k. 

(Hi) k < I C E{1). 

D(k) is called the domain of /C at k, the elements of K are called nodes 
of K.. Instead of “ip has auxilliary constants for elements of D{kf^ we say for 
short “if has parameters in D{kf\ 

S assigns to each node the ‘basic facts’ that hold at fc, the conditions (i). 
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(ii), (iii) merely state that the collection of available objects does not decrease 
in time, that a falsity is never established and that a basic fact that once has 
been established remains true in later stages. The constants are interpreted 
by the same elements in all domains (they are rigid designators). 

Note that D and S together determine at each node k a classical structure 
2l(/c) (in the sense of 2.2.1). The universe of 2l(A:) is D{k) and the relations of 
2l(/c) are given by S{k) as the positive diagram: (a) e i? 2 i(fc) jff g S{k). 

The conditions (i) and (iii) above tell us that the universes are increasing: 
k<l^ |a(fc)| C |2l(/)| 

and that the relations are increasing: 
k<l^ C 

Furthermore for all k and 1. 

In S{k) there are also propositions, something we did not allow in classical 
predicate logic. Here it is convenient for treating propositional and predicate 
logic simultaneously. 

The function S tells us which atoms are “true” in k. We now extend E to 
all sentences. 



Lemma 5.3.2 E has a unique extension to a function on K (also denoted by 
E) such that E(k) C Sentk, the set of all sentences with parameters in D(k), 
satisfying: 

(i) \/ if € E[k) (fi G E{k) or if £ E{k) 

(ii) (fi Aif G E{k) (fi G E{k) and if G E{k) 

(iii) ip ^ if G E{k) for all I > k (p G E{1) ^ if G E{1)) 

(iv) 3xp{x) G E{k) there is an a G D{k) such that p(a) G E(k) 

(v) yxp{x) G E(k) for all I > k and for all a G D(l) p{a) G E{1). 

Proof. Immediate. We simply define p G E(k) for all fc G if simultaneously 
by induction on p. □ 

Notation. We write k\\- p for p G E(k), pronounce ‘A: forces p\ 

Exercise for the reader: reformulate (i) - (v) above in terms of forcing. 



Corollary 5.3.3 (i) k II — <p for all I > k l\[/ p. 

(ii) k II — <^p for all I > k there exists a p > I such that (plh p). 

Proof. k\G ^p k\\- p for all I > k{l\G p ZlhT) for all 

I > k l\\/ p. 

k II i^p for all I > k l\[/ ~^p for alH > fc not ( for all p > I p\l/ p) 

for all Z > fc there is a p> I such that ph p. □ 



The monotonicity of E for atoms is carried over to arbitrary formulas. 
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Lemma 5.3.4 (Monotonicity of Ih) k < I, kh ip ^ l\\- (p . 

Proof. Induction on p. 

atomic p : the lemma holds by definition 5.3.1. 

p = p\ t\ pi : let /c Ih A (/32 and k < I, then k\\- pi A pi fcih pi and 
fcih =k (ind. hyp.) Zlh pi and l\\- pi l\\- pi A pi. 
p = pi\j pi : mimic the conjunction case. 

p = Pi ^ Pi Let k\\- Pi — > pi^ I > k. Suppose p > I and plh pi then, since 
p > k,p\\- Pi. Hence l\\- pi ^ pi. 
p = 3xpi{x) : immediate. 

p = yxpi{x) : let k\\- 'ixpi{x) and I > k. Suppose p > I and a G D{p), then, 
since p> fc,plh pi{a). Hence Zlh \/xpi{x). □ 

We will now present some examples, which refute classically true formulas. 
It suffices to indicate which atoms are forced at each node. We will simplify 
the presentation by drawing the partially ordered set and indicating the atoms 
forced at each node. For propositional logic no domain function is required 
(equivalently, a constant one, say D{k) = {0} ), so we simplify the presenta- 
tion accordingly. 



(a) In the bottom node no atoms are known, in the second one only p, to 

be precise fcoll/ p^ki\\- p. By 5.3.3 fcoll so k^Wf -^^p — > p. Note, 

however, that kg 11/ ~^p, since ki Ih p. So k^W/ p\/ ~^p. 

(b) ki\\/ p Aif (i = 0, 1, 2), so ko II — <{p A ip). By definition, ko II — <p V -iip 

ko II — <p or ko II — 1/>. The first is false, since ki Ih p, and the latter is false, 
since ki\\~ ip. Hence feg ^{p A ip) ~'P V -^ip. 

(c) The bottom node forces ip ^ p, but it does not force ~^ip V p (why?). So 
it does not force {ip ^ p) ^ (->/) V p). 

(d) In the bottom node the following implications are forced: pi ^ pi, ps —>■ 
P2 tP3 — ^ Pi, but none of the converse implications is forced, hence fcoll/ 
{pi ^ P2) V {pi ^ ps) V (f^3 ^ pi). 

We will analyse the last example a bit further. Consider a Kripke model 
with two nodes as in d, with some assignment S of atoms. We will show 
that for four arbitrary propositions cti , (T2 , <73 , 0-4 

fcolb ^ ( 7 i aj, i.e. from any four propositions at least two are 

l<i<j<4 

equivalent. 

There are a number of cases. (1) At least two of 0-4, ct 2, (73, 174 are forced in 
fcg. Then we are done. (2) Just one is forced in fcp. Then of the remaining 




a 



b 



c 



d 
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propositions, either two are forced in fci, or two of them are not forced in 
ki . In both cases there are (Tj and aj> , such that feg Ih aj aji . (3) No ai 
is forced in ko. Then we may repeat the argument under (2). 




(e) (i) ko\\- (f ^ 3xa{x), for the only node that forces ip is ki, and 

indeed fci Ih cr(l), so fci Ih 3xa{x). 

Now suppose fco 11“ 3x{ip — *■ cr(x)), then, since D(ko) = {0}, 
k^W- (p ^ o'(O)- But ki Ih (p and fci 11/ cr(0). 

Contradiction. Hence fcol/ {p> 3xa{x)) — > 3x{(p tr(a:)). 

Remark, (ip —f 3 x(t(x)) —>■ 3x(ip er(x)) is called the independence of 
premise principle. It is not surprising that it fails in some Kripke models, 
for tp — > 3xa(x) tells us that the required element a for cr(a) may depend on 
the proof of p (in our heuristic interpretation); while in 3x(p — *■ cr(a;)), the el- 
ement a must be found independently of p. So the right hand side is stronger. 

(ii) fco II Nxiffx) ki 11/ yxif{x){i = 0, 1). fci 11/ V'(l), so we have shown 

fco II — Nxtj){x). fcolh 3x^il){x) <t4> fco II — '/’(O). However, fci Ih i/(0), so 
fco 11/ 3x^ijj{x). Hence fco 11/ -Nxif{x) 3x^if{x). 

(iii) A similar argument fs fco 11/ {ix'if{x) ^ r) — > 3x{tp{x) r), where 
T is not forced in fci. 

(f) D{ki) = {0, . . . , i}, S{ki) = {v3(0), ...,p(i- 1)}, fco Ih \/x^^p(x) ^ for 
all i ki II — '^p{j),j < i- The latter is true since for all p > i kp Ih p{j), 

j < i. Now fco 1 1 <^\/xp{x) for all i there is a / > i such that fc^lh 

\/xp{x). But no kj forces \/xp(x). So k^W/ x^-^p{x) -^^'ixp{x). 

Remark. We have seen that ^^'ixp{x) — *■ yx~'^p{x) is derivable and it is 
easily seen that it holds in all Kripke models, but the converse fails in some 
models. The schema flx^^pix) — > ^^flxpix) is called the double neqation 
shift (DNS). 

The next thing to do is to show that Kripke semantics is sound for intuitionistic 
logic. 
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We define a few more notions for sentences: 

(i) K,\r ii k\\- If for all k £ K. 

(ii) \r f \i JC\r f for all JC. 

For formulas containing free variables we have to be more careful. Let 
f contain free variables, then we say that k\\- f iE k\\- Cl{f) (the universal 
closure) . For a set F and a formula f with free variables Xi ^ , , Xi ^ , . . . (which 

we will denote by x), we define Flh f by: for all /C, k £ K and for all 
(a£ D{k)) [fcIF '0(a) for all 0 € F fclh f{a)]. [a£ D{k) is a convenient 
abuse of language). 

Before we proceed we introduce an extra abuse of language which will 
prove extremely useful: we will freely use quantifiers in our meta-language. 
It will have struck the reader that the clauses in the definition of the Kripke 
semantics abound with expressions like “for all I > fc”,“ for all a £ D{ky\ 
It saves quite a bit of writing to use ‘VI > fc”, “Va £ D{ky' instead, and it 
increases systematic readability to boot. By now the reader is well used to 
the routine phrases of our semantics, so he will have no difficulty to avoid a 
confusion of quantifiers in the meta-language and the object-language. 

By way of example we will reformulate the preceding definition: 
rih f := (V/C)(Vfc G K)(V aG F(A:))[V0 G F{kh 0(a)) ^ kh 

There is a useful reformulation of this “semantic consequence” notion. 



Lemma 5.3.5 Let F be finite, thenF\\-f-^ \r Cl{H\ F ^ f) (where Cl (X) 
is the universal closure of X). 

Proof. Left to the reader. □ 



Theorem 5.3.6 (Soundness Theorem) F \- f ^ F\\- f. 

Proof. Use induction on the derivation T> of f from F. We will abbreviate 
“A: IF 0(a) for all 0 G F” by “/clh F(a)”. The model K. is fixed in the proof. 

(1) T> consists of just f, then obviously fclh F(a) fclh f{a) for all fc and 
(a) G D{k). 

(2) T> ends with an application of a derivation rule. 

(a/) Induction hypothesis: VfcV a£ F(fc)(fclh F(a) fclh fi{a)), for 
i = 1,2. Now choose a, k £ K and a£ D{k) such that fclh F{a), then 
fclh fi{a) and fclh f2{a), so fclh {fi A <p2)(a). 

Note that the choice of a did not really play a role in this proof. To 
simplify the presentation we will suppress reference to a , when it does 
not play a role. 

(AF)) Immediate. 

(V/) Immediate. 
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(Vi?) Induction hypothesis: \/k{k\\- F ^ k\\- (pV '0),Vfc(fcll- F,ip^ fclh cr), 
Vfc(fcll- r,il) ^ k\\- a). Now let fclh F, then by i.h. fclh V "0, so fclh or 
fclh Ip. In the first case fclh F,p, so fclh cr. In the second case fclh F,tp, so 
fclh a. In both cases fclh cr, so we are done. 

(— > /) Induction hypothesis: (Vfc)(V oG D{k)){k\\- F{a),ip{a) 

fclh 0(a)). Now let fclh F{a) for some aG D{k). We want to show 
fclh {(fi ^ tp){a), so let I > k and / Ih <p{a). By monotonicity Z Ih F{a), and 
aG D{1), so the ind. hyp. tells us that Zlh 0(a). Hence VZ > fc(Zlh (p{a) 
^ Zlh tp{a)), so fclh {(p tp){a). 

(— > E) Immediate. 

(±) Induction hypothesis Vfc(fclh F fclh_L). Since, evidently, no fc can force 
F, Vfc(fclh F fc Ih :p) is correct. 

(V/) The free variables in F are x, and 2 does not occur in the sequence 
X. Induction hypothesis: (Vfc)(V a, 6 G D{k))(k\\- F(a) fclh p{a,b)). 
Now let fclh F{a) for some aG D{k), we must show fclh \/zp{a,z). So let 
I > fc and b G D{1). By monotonicity Zlh F{a) and aG D{1), so by the 
ind. hyp. Zlh p{a,b). This shows (VZ > fc)(V6 G D{1)){1\\- p{{a,b), and 
hence fc Ih yzp{ a,z). 

(Vi?) Immediate. 

(3i) Immediate. 

(3i?) Induction hypothesis: (Vfc)(V aG D{k){k\\- F{a) fclh Bzp{a,z)) 
and (Vfc)(V a,b G D{k){k\\- p{a ,b),k\\- F{a) => fclh cr(a)). Here the 
variables in F and cr are x , and z does not occur in the sequence x . Now 
let fclh F{a), for some aG D{k), then fclh 3zp{a,z). So let fclh p{a,b) 
for some b G D{k). By the induction hypothesis fclh cr( a). □ 



For the Completeness Theorem we need some notions and a few lemma’s. 



Definition 5.3.7 A set of sentences F is a prime theory with respect to a 
language L if 

(i) F is closed under h 

(ii) pV ip G F ^ p G F or ip G F 

(Hi) 3xp{x) G T => p{c) G F for some constant c in L. 

The following is analogue of the Henkin construction combined with a 
maximal consistent extension. 



Lemma 5.3.8 Let F and p he closed, then if F p, there is a prime theory 
F' in a language L' , extending F such that F' \f p. 
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Proof. In general one has to extend the language L of by a suitable set of 
‘witnessing’ constants. So we extend the language L of by a denumerable 
set of constants to a new language L'. The required theory P' is obtained by 
series of extensions Iq C Ti C T 2 . . .. We put Fq := F. 

Let Fk be given such that F^'t/ and contains only finitely many new 
constants. We consider two cases. 

k is even. Look for the first existential sentence 3xtjj{x) in L' that has not 
yet been treated, such that F^ h 3xtf{x). Let c be the first new constant 
not in Fk. Now put Fk+i := Fk U {'0(c)}. 



k is odd. Look for the first disjunctive sentence ifi V 02 with 10 h 0i V 02 that 
has not yet been treated. Note that not both Fk^'ipi b if and 10,02 b f 
for then by V3 10 b tp. 



Now we put: 70_|_i := 



A U |0i} if A, 01 1/ if 
rk U 102} otherwise. 



Finally: A := (J A- 

k>0 

There are a few things to be shown: 

1. F' [/ ip. We first show Fi [/ phy induction on i. For z = 0, Fa\/ p holds 
by assumption. The induction step is obvious for i odd. For i even we 
suppose A+i b p. Then A, 0(c) b p. Since Fi b 3x0(x), we get Fi \- p 
by 3E, which contradicts the induction hypothesis. Hence A+i V 
therefore by complete induction Fi\/ p for all i. 

Now, li F' \- p then A b for some i. Contradiction. 



2. T' is a prime theory. 

(a) Let 0iV02 S F' and let k be the least number such that A b 0iV02. 
Clearly 0i V 02 has not been treated before stage k, and A b 0i V 02 
for h> k. Eventually 0i V 02 has to be treated at some stage h > k, 
so then 0i g A+i or 02 S A+i, and hence 0i € F' or 02 € T'. 

(b) Let 3a;0(a;) € A, and let k be the least number such that A b 
3xif{x). For some h> k 3xtp{x) is treated, and hence 0(c) g A+i C 
F' for some c. 

(c) F' is closed under b. If F' b 0, then A b 0 V 0, and hence by (a) 
0 g A. 

Conclusion: F' is a prime theory containing F, such that F' p. □ 



The next step is to construct for closed F and p with F p, & Kripke 
model, with /C lb F and k\\/ p for some k G K. 
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Lemma 5.3.9 (Model Existence Lemma) If F tp then there is a 
Kripke model K, with a bottom node ko such that ko\\- F and koW/ ip. 

Proof: We first extend L to a suitable prime theory F' such that F' p. F' has 
the language L' with set of constants C . Consider a set of distinct constants 
{CmK > 0, TO > 0} disjoint with C . A denumerable family of denumerable sets 
of constants is given by C® = {c\^\m > 0}. We will construct a Kripke model 
over the poset of all finite sequences of natural numbers, including the empty 
sequence (), with their natural ordering, “initial segment of’. 

Define C(()) := C and C{n) = C((}) U C° U . . . U for n of positive 
length k. L{n) is the extension of L by C(n)^ with set of atoms At{n). Now 
put D{n) := C{n). We define F{n) by induction on the length of n. 

S{{)) := F' n At{{)). Suppose S{n) has already been defined. Consider 
an enumeration (cto, tq), (cti, ti), ... of all pairs of sentences in L{n) such that 
F{n), (ji \f Ti- Apply Lemma 5.3.8 to F{n)U{ai} and Ti for each i. This yields 
a prime theory F{n,i) and L{n,i) such that <7i € F{n,i) and F{n,i) V F- 

Now put F{n,i) '■= C(n,i) n At{n,i)- We observe that all conditions for 
a Kripke model are met. The model reflects (like the model of 3.1.11) very 
much the nature of the prime theories involved. 

Claim: n \\- if ^ ^{n) h if. 

We prove the claim by induction on if. 

- For atomic if the equivalence holds by definition. 

- if = if I f\ if 2 - immediate 

- if = ifiM lf2- 

(a) n \\- ifiV -02 \\- ifi or n |h 02 => (ind. hyp.) F{n) h ifi or 

F(n) F 02 ^ r(n) F 0i V 02. 

(b) F{n) F 01 V 02 F{n) F 0i or F{n) F 02, since F{n) is a prime 
theory (in the right language L{n)). So, by induction hypothesis, n IF 0i 
or n IF 02, and hence n IF 0i V 02. 

- if = ifl —Hf2- 

(a) n IF 01 ^ 02. Suppose F{n) 1/ 0i ^ 02, then T(n),0i 1/ 02. By the 
definition of the model there is an extension m= (rig, • ■ ■ ,nk-i,i) of n 
such that F{n) U {ifi} C F{m) and F{m) 1/02. By induction hypothesis 
TO I F 01 and by m>n and n I F 0i ^ 02, to IF 02. Applying the 
induction hypothesis once more we get F{m) F if 2 . Contradiction. Hence 
F(n) F 01 ^ 02. 

(b) The converse is simple; left to the reader. 

- if = \/xif{x). 

(a) Let n IF yxp{x), then we get V m>n Vc S C{m){m IF p{c)). Assume 
F{n) [/\/xp{x), then for a suitable i F{n,i) V '^xp{x) (take T for ai in 
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the above construction). Let c be a constant in L{n,i) not in r{n,i), then 
r{n,i) \f V5(c), and by induction hypothesis (n,z)ll/ v^(c). Contradiction. 
(b)C(n) h yx^p{x). Suppose n 11/ Vx<p(a;), then m 11/ if[c) for some m>n 
and for some c S L{m), hence r{m) 1/ <p(c) and therefore r{m) 1/ \/xip{x). 
Contradiction. 

- Ip = 3xLp{x). 

The implication from left to right is obvious. For the converse we use the 
fact that r{n) is a prime theory. The details are left to the reader. 

We now can finish our proof. The bottom node forces F and (p is not forced. □ 

We can get some extra information from the proof of the Model Existence 
Lemma: (i) the underlying partially ordered set is a tree, (ii) all sets D{m) 
are denumerable. 

From the Model Existence Lemma we easily derive the following 



Theorem 5.3.10 (Completeness Theorem Kripke) F \~i ip FW- p 

(F and p closed). 

Proof. We have already shown =J>. For the converse we assume Fi p and 
apply 5.3.9, which yields a contradiction. □ 

Actually we have proved the following refinement: intuitionistic logic is 
complete for countable models over trees. 

The above results are completely general (safe for the cardinality restric- 
tion on L), so we may as well assume that F contains the identity axioms 
/i, . . . , /4 (2.6). May we also assume that the identity predicate is interpreted 
by the real equality in each world? The answer is no, this assumption consti- 
tutes a real restriction, as the following theorem shows. 



Theorem 5.3.11 If for all k G K k\\- a = b ^ a = b for a,b € D{k) then 
K, IF \/xy{x = yV X ^ y). 

Proof. Let a,b G D(k) and k\\/ a = b, then a ^ b, not only in D(k), but in all 
D{1) for I > k, hence for all I > k,l\\/ a = b, so kh a ylb. □ 

For a kind of converse, cf. Exercise 18. 

The fact that the relation a b in 2l(fc), given by fclh a = 5, is not the iden- 
tity relation is definitely embarrassing for a language with function symbols. 
So let us see what we can do about it. We assume that a function symbol F 
is interpreted in each k hy a function F/. We require k < I ^ Fk C Fi. F 
has to obey I 4 -.W xy (^x = y ^ F{x) = F{y)). For more about functions see 
Exercise 34. 
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Lemma 5.3.12 The relation is a congruence relation on 2t(fc), for each k. 

Proof. Straightforward, by interpreting /i — J 4 □ 

We may drop the index k, this means that we consider a relation ~ on the 
whole model, which is interpreted node-wise by the local ~fc’s- 
We now define new structures by taking equivalence classes: 2t*(fc):=2t(fc)/~fe, 
i.e. the elements of |2l*(fc)| are equivalence classes a/~fe of elements a G D{k), 
and the relations are canonically determined by 

R*f.{a/ Rk{a,...), similarly for the functions F^{a/ = 

The inclusion 2l(A:) C 21(1), for A: < 1, is now replaced by a map fki '■ 
2l*(lc) ^ 2l*(l), where fki is defined by fki(a) = for a G |2t*(A:)|. To be 
precise: 

a/~fc' — *■ so we have to show a a' ^ a a' to ensure the well- 

definedness of fki- This, however, is obvious, since fclh a = a' 1 Ih a = a'. 



Claim 5.3.13 fki is a homomorphism. 

Proof. Let us look at a binary relation. Rl(a/ ~, 6 /~) Rk{a,b) fclh 
i?(a, b) ^ Ih R{a, b) Rifa, b) ^ R*{a/^, b/^). 

The case of an operation is left to the reader. □ 

The upshot is that we can define a modified notion of Kripke model. 



Definition 5.3.14 A modified Kripke model for a language L is a triple K, = 
{K, 21, /) such that K is a partially ordered set, 21 and f are mappings such 
that for k G K, 2l(A:) is a structure for L and for k,l G K with k < I f(k, 1) is 
a homomorphism from 2l(fc) to 21(1) and f(l, m) o f(k, 1) = /(Ic, m), 
f{k, k) = id. 

Notation. We write fki for f{k,l), and for 2t(fc) |= ip, for atomic (p. 

Now one may mimic the development presented for the original notion of 
Kripke semantics. 

In particular the connection between the two notions is given by 



Lemma 5.3.15 Let 1C* be the modified Kripke model obtained from JC by 
dividing out ~. Then k\G p(a) k\G* p(a /~) for all k G K. 

Proof. Left to the reader. □ 



Corollary 5.3.16 Intuitionistic logic (with identity) is complete with respect 
to modified Kripke semantics. 
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Proof. Apply 5.3.10 and 5.3.15. □ 

We will usually work with ordinary Kripke models, but for convenience we 
will often replace inclusions of structures 2l(A:) C 2l(/) by inclusion mappings 
2l(/c) 2l(Z). 



5.4 Some Model Theory 

We will give some simple applications of Kripke’s semantics. The first ones 
concern the so-called disjunction and existence properties. 



Definition 5.4.1 A set of sentences P has the 

(i) disjunction property (DP) if Pl-ipWip^Pl-ip or P \- f). 

(ii) existence property (EP) if P \- 3x(p{x) T h ip(t) for some closed term 
t (where V '0 and 3xip{x) are closed). 

In a sense DP and EP reflect the constructive character of the theory 
r (in the frame of intuitionistic logic), since it makes explicit the clause ‘if 
we have a proof of 3xip{x), then we have a proof of a particular instance’, 
similarly for disjunction. 

Classical logic does not have DP or EP, for consider in propositional logic 
Po V ^Po- Clearly he po V ^po, but neither he po nor he ~^po^- 

Theorem 5.4.2 Intuitionistic propositional and predicate logic without func- 
tions symbols have DP. 

Proof. Let h V 0, and suppose 1/ (p and 1/ 0, then there are Kripke models 
/Cl and IC 2 with bottom nodes fci and /c 2 such that ki 11/ ip and /c 2 11/ 0. 
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It is no restriction to suppose that the partially ordered sets K \ , K 2 of /Ci and 
K .2 are disjoint. 

We define a new Kripke model with K = Ki U K 2 U {fco} where kg ^ 
Ki U K 2 , see picture for the ordering. 

( 2li(fc) for k G Ki 
We define 2t(fc) = < 2l2(fc) for k G K 2 
[ |2l| for k = ko. 

where |2t| consists of all the constants of L, if there are any, otherwise |2t| con- 
tains only one element a. The inclusion mapping for 2l(fco) ^ = 1, 2) 

is defined by c 1 — > if there are constants, if not we pick G ar- 

bitrarily and define / 01 (a) = ai, / 02 (a) = 02 . 21 satisfies the definition of a 
Kripke model. 

The models /Ci and IC 2 are ‘submodels’ of the new model in the sense that the 
forcing induced on JCi by that of JC is exactly its old forcing, cf. Exercise 13. 
By the Completeness Theorem fco b < 7 ’ V ■i/', so fco lb ip or fco lb -ip. If fco lb cp, 
then fci lb p. Contradiction. If fco b i/, then fc 2 b tjj. Contradiction. So 1/ and 
\/ tjj is not true, hence \- p oy \- tjj. □ 

Observe that this proof can be considerably simplified for propositional 
logic, all we have to do is place an extra node under fci and fc 2 in which no 
atom is forced (cf. Exercise 19). 



Theorem 5.4.3 Let the language of intuitionistic predicate logic contain at 
least one constant and no function symbols, then EP holds. 

Proof. Let b 3xp{x) and 1/ p{c) for all constants c. Then for each c there is 
a Kripke model ICc with bottom node kc such that kc 1/ p{c). Now mimic the 
argument of 5.4.2 above, by taking the disjoint union of the ICfs and adding 
a bottom node fco. Use the fact that fco lb 3xp{x). □ 

The reader will have observed that we reason about our intuitionistic logic 
and model theory in a classical meta-theory. In particular we use the principle 
of the excluded third in our meta-language. This indeed detracts from the 
constructive nature of our considerations. For the present we will not bother 
to make our arguments constructive, it may suffice to remark that classical 
arguments can often be circumvented, cf. Chapter 6. 

In constructive mathematics one often needs stronger notions than the 
classical ones. A paradigm is the notion of inequality. E.g. in the case of the 
real numbers it does not suffice to know that a number is unequal (i.e. not 
equal) to 0 in order to invert it. The procedure that constructs the inverse 
for a given Cauchy sequence requires that there exists a number n such that 
the distance of the given number to zero is greater than 2“". Instead of a 
negative notion we need a positive one, this was introduced by Brouwer, and 
formalized by Heyting. 



5.4 Some Model Theory 175 



Definition 5.4.4 A binary relation # is called an apartness relation if 
(i) \/xy{x = y^ ~^xffy) 

(a) Vxyixffy ^ y#x) 

(Hi) 'ixyz{x#y xffz V y#z) 



Examples. 

1. For rational numbers the inequality is an apartness relation. 

2. If the equality relation on a set is decidable (i.e. yxy{x = y V x ^ y)), 
then yf is an apartness relation (Exercise 22). 

3. For real numbers the relation \a — b\ > 0 is an apartness relation (cf. 
Troelstra-van Dalen, 2.7, 2.8.). 

We call the theory with axioms (i), (ii), (iii) of 5.4.4 AP, the theory of apart- 
ness (obviously, the identity axiom x\ = X 2 /\ y\ = y 2 f\ xiffyi — *■ X 2#?/2 is 
included). 



Theorem 5.4.5 AP h \/xy{^^x = y ^ x = y). 

Proof. Observe that -^-ix = y <-> -^-'-'xffy <-> ~^xffy x = y. □ 

We call an equality relation that satisfies the condition \/xy{^^x = y ^ x = y) 
stable. Note that stable is essentially weaker than decidable (Exercise 23). 

In the passage from intuitionistic theories to classical ones by adding the 
principle of the excluded third usually a lot of notions are collapsed, e.g. 
-^-'X = y and x = y. Or conversely, when passing from classical theories to 
intuitionistic ones (by deleting the principle of the excluded third) there is 
a choice of the right notions. Usually (but not always) the strongest notions 
fare best. An example is the notion of linear order. 

The theory of linear order, LO, has the following axioms: 

(i) 'ixyz(x <y/\y<z^x<z) 

(ii) 'ixyz(x <y ^ z <y\! X < z) 

(iii) 'ixyz(x = y ^ ^x < y A ^y < x). 

One might wonder why we did not choose the axiom \/xyz{x < y\/ x = y\/ y < 
x) instead of (ii), it certainly would be stronger! There is a simple reason: the 
axiom is too strong, it does not hold, e.g., for the reals. 

We will next investigate the relation between linear order and apartness. 

Theorem 5.4.6 The relation x<yVy<x is an apartness relation. 

Proof. An exercise in logic. □ 

Conversely, Smoryhski has shown how to introduce an order relation in 
a Kripke model of AP: Let /Clh AP, then in each D{k) the following is an 
equivalence relation: k\\f affb. 

(a) fc IF a = a <-!■ since fc IF a = a we get k II <affa and hence k 11/ affa. 
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(b) k Ih a#fo <-> 6#a, so obviously k 11 / a#6 ^ k\[/ b^j^a. 

(c) let fell/ /cll/ 6#c and suppose fclh a#c, then by axiom (iii) fclh a#6 
or fclh c#6 which contradicts the assumptions. So fcll/ a^j^c. 

Observe that this equivalence relation contains the one induced by the iden- 
tity; fclh a = 6 => fcll/ a^h. The domains D(k) are thus split up in equivalence 
classes, which can be linearly ordered in the classical sense. Since we want 
to end up with a Kripke model, we have to be a bit careful. Observe that 
equivalence classes may be split by passing to a higher node, e.g. if fc < ^ and 
fc 11/ a#6 then I Ih a#6 is very well possible, but 1 11/ a#6 fc 11/ a#5. We take 
an arbitrary ordering of the equivalence classes of the bottom node (using the 
axiom of choice in our meta-theory if necessary). Next we indicate how to 
order the equivalence classes in an immediate successor ^ of fc. 

The ‘new’ elements of D{1) are indicated by the shaded part. 

(i) Consider an equivalence class [ao]fe in D{k), and look at the corresponding 
set flo := U{[a]/|a € [oo]fc}. 

This set splits in a number of classes; we order those linearly. Denote the 
equivalence classes of Oq by aob (where 6 is a representative). Now the 
classes belonging to the b' s are ordered, and we order all the classes on 
(Jao|ao S D{k)} lexicographically according to the representation a^b. 

(ii) Finally we consider the new equivalence classes, i.e. of those that are not 
equivalent to any 6 in lJ{®o|ao € D{k)}. We order those classes and put 
them in that order behind the classes of case (i) . 



Under this procedure we order all equivalence classes in all nodes. 

We now define a relation Rk for each fc: Rk{a, b) := [a]fe < [b]k, where < is the 
ordering defined above. By our definition fc < I and Rk{a,b) => Ri{a,b). We 
leave it to the reader to show that /4 is valid, i.e. in particular fclh \/xyz{x = 
x' A X < y ^ x' < y), where < is interpreted by Rk . 
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Observe that in this model the following holds: 

(#) Vxy{x#y ^ X < yV y < x), 

for in all nodes k, k Ih a^b ^ k\\- a < b oy k\\- b < a. 

Now we must check the axioms of linear order. 

(i) transitivity, fcolb \/xyz{x < y A y < z ^ x < z) for all k > ko, for 
all a,b,c G D{k)k\\- a < 6 A 6 < c ^ a < c for all fc > /cq, for all 
a,b,c G D{k) and for all I > k l\\- a < b and l\\- b < c ^ Ih a < c. 

So we have to show Ri{a,b) and Ri{b,c) => Ri{a,c), but that is indeed the 
case by the linear ordering of the equivalence classes. 

(ii) (weak) linearity. We must show feg lb yxyz{x <y^z<y\/x<z). Since 
in our model \/xy{x^y ^x<y\/y<x) holds the problem is reduced to 
pure logic: show: 

AP + \/xyz{x <yAy<z^x<z)+ \/xy{x^y ^x<y\/y<x)\- 
\/xyz{x < y ^ z < y\/ X < z). 

We leave the proof to the reader. 

(iii) anti- symmetry. We must show k^ lb 'ixy{x = y ^ ^x < y A ^y < x). As 
before the problem is reduced to logic. Show: 

AP + \/xy{x^y ^x<y\/y<x)\- \/xy{x = y ^ ^x < y A ^y < x). 

Now we have finished the job ~ we have put a linear order on a model with 
an apartness relation. We can now draw some conclusions. 



Theorem 5.4.7 AP + LO + (^) is eonservative over LO. 

Proof. Immediate, by Theorem 5.4.6. □ 



Theorem 5.4.8 (van Dalen-Statman) AP + LO + (ff) is eonservative 
over AP. 

Proof. Suppose AP 1/ ip, then by the Model Existence Lemma there is a tree 
model 1C of AP such that the bottom node ko does not force (p. 

We now carry out the construction of a linear order on K, the resulting model 
K.* is a model of AP + LO + (#), and, since p does not contain <, ko 11/ p. 
Hence AP + LO + (ff) 1/ p. This shows the conservative extension result: 
AP + LO + (ff) \- p ^ AP b for p in the language of AP. □ 

There is a convenient tool for establishing elementary equivalence between 
Kripke models: 



178 



5 Intuitionistic Logic 



Definition 5.4.9 (i) A bisimulation between two posets A and B is a relation 
R Q Ax. B such that for each a, a' , b with a < a', aRb there is a b' with a^Rb' 
and for each a, b, b' with aRb, b < b' there is an a' such that a' Rb' . 

(a) R is a bisimulation between propositional Kripke models A and B if it is 
a bisimulation between the underlying posets and if aRb ^(a) = S{b) (i.e. 
a and b force the same atoms). 

Bisimulations are useful to establish elementary equivalence node-wise. 



Lemma 5.4.10 Let R be a bisimulation between A and B then for all 
a, b, Lp, aRb (a Ih p b\\- p) . 

Proof. Induction on p. For atoms and conjunctions and disjunctions the 
result is obvious. 

Consider p = pi P 2 . 

Let aRb and a\\- p\ — > p2. Suppose b\\/ pi — > p2, then for some b' >b b' \\- 
pi and b' 11/ p 2 . By definition, there is an a' > a such that a'Rb' . By induction 
hypothesis a' IF pi and a' 11/ p 2 . Contradiction. 

The converse is completely similar. □ 



Corollary 5.4.11 If R is a total bisimulation between A and B, i.e. domR = 
A,ranR = B, then A and B are elementarily equivalent (A\\~ p B\\- p) . 

We end this chapter by giving some examples of models with unexpected 
properties. 

1 . 




/ is the identity and g is the canonical ring homomorphism Z — > 'Ll (2). 
/C is a model of the ring axioms (p. 86). 

Note that fcod" 3 yf 0,fcoll/ 2 = 0,/coH/ 2 yf 0 and /cqII/ 'ix{x yf 0 ^ 
^y{xy = 1)), but also ka\\/ 3x{x yf 0 A 'dy{xy yf 1)). We se that /C is a 
commutative ring in which not all non-zero elements are invertible, but 
in which it is impossible to exhibit a non-invertible, non-zero element. 
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2 . 




Again / and g are the canonical homomorphisms. JC is an intuitionistic, 
commutative ring, as one easily verifies, medskip 

JC has no zero-divisors: A:oll '3xy{x 0 A ?/ 0 A xy = 0) for all 

i ki 11/ 3xy{x yf 0 A y yf 0 A a;y = 0). (1) 

For z = 1,2 this is obvious, so let us consider i = 0. fco I h 3xy{x yf 
0Ayyf0Axy = 0)<tAA:oll-?7iyf0Anyf0A mn = 0 for some m, n. So 
m yf 0, n yf 0, mn = 0. Contradiction. This proves (1). 

The cardinality of the model is rather undetermined. We know fco I b 
3xy{x yf y) - take 0 and 1, and ko\\- ~^3xiX2X3 /A Xi yf Xj. But 

note that fcgll/ 30 : 12:213 2:1 yf Xj,ko\[/ \/xiX 2 X^X 4 ^ w Xi = Xj 

i<«<i<3 i<«<i<4 

and 11 / -^3x\X2Xz fA X\ yf Xj. 

Observe that the equality relation in 1C is not stable: fcg II ^^0 = 6, but 

fco 1/ 0 = 6. 



ki 




ko 




Sn is the (classical) symmetric group on n elements. Choose n > 3. fco 
forces the group axioms (p. 85). fco II — Nxy{xy = yx)^ but fcg 11/ 32:y(2;y yf 
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yx), and fcoll/ ^xy{xy = yx). So this group is not commutative, but one 
cannot indicate non-commuting elements. 



Define an apartness relation by k\ Ih a#6 <1^ a 6 in Z/ (2), idem for ^ 2 - 
Then /Clh Va;(a;#0 — > ^y{xy = 1)). 

This model is an intuitionistic field, but we cannot determine its char- 
acteristic. ki h \/x{x -I- a; = 0), /c 2 lb Va;(a; -|- a; -I- a; = 0). All we know is 
/Clh Va;(6.a; = 0). 

In the short introduction to intuitionistic logic that we have presented we 
have only been able to scratch the surface. We have intentionally simplified 
the issues so that a reader can get a rough impression of the problems and 
methods without going into the finer foundational details. In particular we 
have treated intuitionistic logic in a classical meta-mathematics, e.g. we have 
freely applied proof by contradiction (cf. 5.3.10). Obviously this does not do 
justice to constructive mathematics as an alternative mathematics in its own 
right. For this and related issues the reader is referred to the literature. A 
more constructive appraoch is presented in the next chapter. 

Exercises 

1. (informal mathematics). Let ^p(ji) be a decidable property of natural 
numbers such that neither 3rup(n), nor Wn^ip^n) has been established 
(e.g. “n is the largest number such that n and n -I- 2 are prime”). Define 
a real number a by the cauchy sequence: 



Show that (a„) is a cauchy sequence and that is rational”, but 

there is no evidence for “a is rational” . 



4. 




2 Mf V/c < n^(fi{k) 




. i=l 



2. Prove 



h ^ '0) ^ (V3 ^ ^-•'0), h V ^p), 

\-^{pA^p), \- ^ p), 

~'~'Pi ~'~'{p — *'0)1 '“'0, I — * 0) 

I i{p V 0) <-* ~<{~'P —>■ 0). 



(</? A -.0), 
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3. (a) V Tp V -i'0 1“ {‘p'^'4’) V where □ G {A, V, ^}. 

(b) Let the proposition Lp have atoms po, ... ,pn, show 
^ {pi V -npi) \- (pV^p. 

4. Define the double negation translation of p by placing in front 

of each subformula. Show \~i p° p^^ and \~c p \~i p^^ ■ 

5. Show that for propositional logic hj ~<p <tAhc ~^<P- 

6. Intuitionistic arithmetic HA (Heyting’s arithmetic) is the first-order in- 
tuitionistic theory with the axioms of page 87 as mathematical axioms. 
Show HA h \/xy{x = y V x y) (use the principle of induction). Show 
that the Godel translation works for arithmetic, i.e. PA h HA h p° 
(where PA is Peano’s (classical) arithmetic). Note that we need not dou- 
bly negate the atoms. 

7. Show that PA is conservative over HA with respect to formula’s not 
containing V and 3. 

8. Show that HA \- p V ip 3x((a; = 0^vj)A(a;yf0^ ip)). 

9. (a) Show [/ {p ^ Ip) V {ip ^ p); \f {~^^p 'f) ^ {^'^ ^^)'i 

\f ~^p V \f {-^p ^ '0 V (t) — >■ [{-^p Ip) \/ {-^p a)]] 

l/^pW^^p; ((/5, ^ v^j), for all n > 2. 

(b) Use the completeness theorem to establish the following theorems: 

(i) p^{ip^ p) 

(ii) {py p)^p 

(iii) yxyp{x,y) Vyxp{x,y) 

(iv) 3x\/yp{x, y) \/y3xp{x, y) 

(c) Show fclh yxyp{xy) <tA VZ > fcVa, b € D{1) I Ih p{a, b). 

k\\/ p —> Ip yy 31 > k{l\\- p and l\\/ ip). 

10. Give the simplified definition of a Kripke model for (the language of) 
propositional logic by considering the special case of def. 5.3.1 with S{k) 
consisting of propositional atoms only, and D{k) = {0} for all k. 

1 1 . Give an alternative definition of Kripke model based on the “structure- 
map” k I— > 2t(fc) and show the equivalence with definition 5.3.1 (without 
propositional atoms). 

12. Prove the soundness theorem using lemma 5.3.5. 
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13. A subset K' of a partially ordered set K is closed (under <) if fc G K', 
k < I ^ I G K' . If K' is a closed subset of the underlying partially 
ordered set AT of a Kripke model 1C, then K' determines a Kripke model 
1C over K' with D'{k) = D{k) and k\\-' ip k\\- p for k G K' and p 
atomic. Show fclh' p fclh p for all p with parameters in D(k), for 
k G K' (i.e. it is the future that matters, not the past). 

14. Give a modified proof of the model existence lemma by taking as nodes 

of the partially ordered set prime theories that extend F and that have 
a language with constants in some set C° U U . . . U (cf. proof 

of 5.3.9 ) (note that the resulting partially ordered set need not (and, as 
a matter of fact, is not) a tree, so we lose something. Compare however 
exercise 16). 

15. Consider a propositional Kripke model 1C, where the F function assigns 
only subsets of a finite set F of the propositions, which is closed under 
subformulas. We may consider the sets of propositions forced at a node 
instead of the node: define [fc] = {p G F\k\\- p}. The set {[fc]|/c G AT} is 
partially ordered by inclusion define Ar([fc]) := F(k)flAt, show that the 
conditions of a Kripke model are satisfied; call this model ICp, and denote 
the forcing by H-p. We say that ICp is obtained by filtration from 1C. 

(a) Show [k] \\~r p ^ k\\- p, for p G F. 

(b) Show that ICp has an underlying finite partially ordered set. 

(c) Show that \- p p holds in all finite Kripke models. 

(d) Show that intuitionistic propositional logic is decidable (i.e. there is 
a decision method for h p), apply 3.3.17. 

16. Each Kripke model with bottom node fco can be turned into a model 
over a tree as follows: Ktr consists of all finite increasing sequences 
{ko, ki,..., kn),ki < fcj+i(0 < i < n), and 2ltr((fco, . . . , kn)) := 2l(A:„). 
Show (A:q, . . . , kn), \\~tr p ^ kn\\- p, where \\-tr is the forcing relation in 
the tree model. 

17. (a) Show that {p ^ tjj) 'C {tjj ^ p) holds in all linearly ordered Kripke 

models for propositional logic. 

(b) Show that LC (/ cr there is a linear Kripke model of LC in which a 
fails, where LC is the propositional theory axiomatized by the schema 
{p ^ ifj) C {tjj ^ p) (Hint: apply Exercise 15). Hence LC is complete 
for linear Kripke models (Dummett). 

18. Consider a Kripke model 1C for decidable equality (i.e. \/xy{x = y V 
X yf y)). For each k the relation fclh a = 6 is an equivalence relation. 
Define a new model /C' with the same partially ordered set as 1C, and 
D'{k) = {[a]fe|a G D{k)}, where [a] is the equivalence class of a. Replace 
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the inclusion of D{k) in D{1), for fc < ^, by the corresponding canonical 
embedding [a]fc [a];. Define for atomic (p k\\-' ip := k\\- p and show 
k\\-' p ‘ip;’ k\\- p for all p. 

19. Prove DP for propositional logic directly by simplifying the proof of 5.4.2. 

20. Show that HA has DP and EP, the latter in the form: HA h 3xp(x)) => 
HA h p{n) for some n G N. (Hint, show that the model, constructed in 
5.4.2 and in 5.4.3, is a model of HA). 

21. Consider predicate logic in a language without function symbols and 
constants. Show h 3xp{x) =^h \/xp{x), where FV{p) C {a;}. (Hint: add 
an auxiliary constant c, apply 5.4.3, and replace it by a suitable variable). 

22. Show yxy{x = y V x ^ y) AP, where AP consists of the three 
axioms of the apartness relation, with x^y replaced by yf. 

23. Show \/xy{^^x = y —>■ x = y) \/\/xy{x = y\/ x ^y). 

24. Show that k\\- p\/ -ip for maximal nodes fc of a Kripke model, so E{k) = 
Th{%{k)) (in the classical sense). That is, “the logic in maximal node is 
classical.” 

25. Give an alternative proof of Glivenko’s theorem using Exercises 15 
and 24. 

26. Consider a Kripke model with two nodes fco, ^i; and 2l(fco) = K, 

2l(fci) = C. Show ko 11/ Pix{x'^ + 1 yf 0) — > 3x{x'^ + 1 = 0). 

27. Let D = K[A]/A^ be the ring of dual numbers. D has a unique max- 
imal ideal, generated by X. Consider a Kripke model with two nodes 
fco, fci; fco < fci and 2t(fco) = D, 2l(fci) = K, with / : D ^ K the canonical 
map f{a + bX) = a. Show that the model is an intuitionistic field, define 
the apartness relation. 

28. Show that \/x{p V ip{x)) (pV \/xtp{x)){x / FV (p)) holds in all Kripke 
models with constant domain function (i.e. \/kl{D{k) = D{1)). 

29. This exercise will establish the imdefinability of propositional connectives 
in terms of other connectives. To be precise the connective Di is not 
definable in (or ‘by’) ^ 2 , . . . , if there is no formula p, containing only 
the connectives D 2 , . ■ . , Dn and the atoms poj Pi j such that h po^lipi p. 
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(i) V is not definable in — >,A,_L. Hint: suppose defines V, apply the 
Godel translation. 

(ii) A is not definable in ^,V,_L. Consider the Kripke model with three 
nodes /ci , A:2 , fcs and A:i < ^3,^:2 < fca, A:i Ih p, fc2 Ih g, fca Ih p, g. Show 
that all A-free formulas are either equivalent to _L or are forced in k\ 
or k2- 

(iii) — !■ is not definable in A, V, _L. Consider the Kripke model with 
three nodes fci, ^2, ^3 and fci < fca, ^2 < ^3, k\ Ih p, k^ Ih p, q. Show for 
all — > —free formulas /c2 Ih <p k\ Ih <p. 



30 . In this exercise we consider now only propositions with a single atom p. 
Define a sequence of formulas by po := '■= ~^P,<P2n+3 ■= 

‘P2n+1 V P2n+2, P2n+4 ■= P2n+2 ~ > P 2 n+i and an extra formula <Poo := T. 
There is a specific set of implications among the pj, indicated in the 
diagram on the left. 




bi 

b2 



bs 



b 4 



bs 



(i) Show that the following implications hold: 

h :p2n+l — >■ </32n+3i h :p2n+l ^ ‘P2n+ii h :p2n+2 ~ P^2n+3i 

h <po ^ (fn, h ^ <p. 

(ii) Show that the following ‘identities’ hold: 

h (P2n+1 ^ P2n+2) ^ </^2n+2, h (p2n+2 ^ P2n+4:) ^ P2n+4, 

h (p2n+3 ^ P2n+l) ^ </^2n+4, h (p2n+4 ^ P2n+l) ^ P2n+6, 

h {P’2n+5 P2n+l) ^ </^2n+l, h (p2n+6 ^ P2n+l) ^ P2n+4, 



5.4 Some Model Theory 185 



h ^ <^ 2 n+i) ^ Vin+i for k>2n + 7, 
h {(fik ^2n+2) ^ V>2n+2 for A: > 2n + 3. 

Determine identities for the implications not covered above. 

(iii) Determine all possible identities for conjunctions and disjunctions 
of v?i’s (look at the diagram). 

(iv) Show that each formula in p is equivalent to some tpi. 

(v) In order to show that there are no other implications than those 
indicated in the diagram (and the compositions of course) it suffices 
to show that no (pn is derivable. Why? 

(vi) Consider the Kripke model indicated in the diagram on the right. 
ai Ih p and no other node forces p. Show: Va„3<piVA:(A: Ih pi 

k > On), Vbn3pjVk(k Ih pj k > 6„) 

Clearly the Pi{pj) is uniquely determined, call it p{an)i resp. p{hn)- 
Show p{ai) = pi, p{bi) = P 2 ., p{a 2 ) = Pi, p{b 2 ) = p{an+ 2 ) = 

[{p{an+i)y p{bn)) {p{an)y p{bn))] {p{an+i)\J p{bn)) , p{bn+2) = 

[(V3(a„+i) V p{b„+i)) {p{an+i) V p(bn))] (p{an+i) V p{bn+i). 

(vii) Show that the diagram on the left contains all provable implications. 
Remark. The diagram of the implications is called the Rieger-Nishimura 
lattice (it actually is the free Heyting algebra with one generator) . 

31. Consider intuitionistic predicate logic without function symbols. Prove 
the following extension of the existence property: h 3yp{xi, . . . ,Xn,y) ^ 
h p{xi , . . . ,Xn,t), where t is a constant or one of the variables x\, . . . ,Xn- 
(Hint: replace Xi, . . . , by new constants ai, . . . , a„). 

32. Let Qia^i . . . QnXnP’ix, y) be a prenex formula (without function symbols), 
then we can find a suitable substitution instance p' of p obtained by replac- 
ing the existentially quantified variables by certain universally quantified 
variables or by constants, such that h QiXi . . . QnXnp{x, y) p' (use 
Exercise 31). 

33. Show that h is decidable for prenex p. (use 3.3.17 and Exercise 32). 
Remark. Combined with the fact that intuitionistic predicate logic is 
undecidable, this shows that not every formula is equivalent to one in 
prenex normal form. 

34. Consider a language with identity and function symbols, and interpret 
an n-ary symbol F by a function Fk : D{k)"‘ — *■ D{k) for each fc in a 
given Kripke model K,. We require monotonicity: k < I ^ Fk Q Fi, and 
preservation of equality: a ^k b ^ Ffe(a) Fk(b), where a ^k b k 

\h a = b. 

(i) Show K\h y53ly{F{x) = y) 

(ii) Show/Clh/ 4 . 
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(iii) Let /Clh y), show that we can define for each k and Fk 

satisfying the above requirements such that JC Ih F{x}). 

(iv) Show that one can conservatively add definable Skolem functions. 
Note that we have shown how to introduce functions in Kripke mod- 
els, when they are given by “functional” relations. So, strictly speaking, 
Kripke models with just relations are good enough. 
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Normalisation 



6.1 Cuts 



Anyone with a reasonable experience in making natural deduction derivations 
will have observed that one somehow gets fairly efficient derivations. The worst 
that can happen is a number of steps that end up with what was already 
derived or given, but then one can obviously shorten the derivation. Here is 
an example: 



[a ^^pY 



AE 

if 



[a A ip]'^ 



E 



Ip ^ <j 



AE 

I 



E 



^ a 



h 



{a Ap)^ {{p ^ip)^a) 



a occurs twice, the first time it is a premise for a — *■ /, and the second 
time the result of a ^ A. We can shorten the derivation as follows: 

[a ApY 



■ AE 



a 



(p^tp) 



(aAp)^ ((p ^tp) 



It is apparently not a good idea to introduce something and to eliminate it 
right away. This indeed is the key-idea for simplifying derivations: avoid elim- 
inations after introductions. If a derivation contains an introduction followed 
by an elimination, then one can, as a rule, easily shorten the derivation, the 
question is, can one get rid of all those unfortunate steps? The answer is ‘yes’, 
but the proof is not trivial. 
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The topic of this chapter belongs to proof theory; the system of natural 
deduction was introduced by Gentzen, who also showed that “detours” in 
derivations can be eliminated. The subject was revived again by Prawitz, who 
considerable extended Gentzen’s techniques and results. 

We will introduce a number of notions in order to facilitate the treatment. 



Definition 6.1.1 The formulas directly above the line in a derivation rule 
are called the premises, the formula directly below the line, the conclusion. In 
elimination rules a premise not containing the connective is called a minor 
premise. All other premises are called the major premises. 

Convention The major premises will from now on appear on the left hand 
side. 



Definition 6.1.2 A formula occurrence j is a cut in a derivation when it is 
the conclusion of an introduction rule and the major premise of an elimination 
rule. 7 is called the cut formula of the cut. 

In the above example a is a, cut formula. 



We will adopt a slightly changed V/-rule, this will help to streamline the 
system. 

T 

VJ V/ 

Va; p[x/y] 

where y does not occur free in ip or in a hypothesis of the derivation of ip, and 
X is free for y in ip. 



The old version of V/ is clearly a special case of the new rule. We will use 
the familiar notations, e.g. 



V/ 



fiy) 

Vx ip{x) 



V/ 



Note that with the new rule we get a shorter derivation for 



V 

ipix) V 

— — VJ 

'^xipix) namely t{x) 

VE --^VJ 

Tiy) ^y^iy) 

Vi 



Vyv’(y) 
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The adoption of the new rule is not necessary, but rather convenient. 

We will first look at predicate calculus with A, _L, V. 

Derivations will systematically be converted into simpler ones by “elimi- 
nation of cuts”; here is an example: 



V 



a V' V 

> I converts to 

tfj ^ (7 Ip O' 



In general, when the tree under consideration is a subtree of a larger deriva- 
tion the whole subtree ending with a is replaced by the second one. The rest 
of the derivation remains unaltered. This is one of the features of natural de- 
duction derivations: for a formula a in the derivation only the part above cr is 
relevant to a. Therefore we will only indicate conversions as far as required, 
but the reader will do well to keep in mind that we make the replacement 
inside a given bigger derivation. 



We list the possible conversions: 

T>i T>2 

A/ is converted to 

ipi A ip2 
^E 



V, 

••Pi 



\i>\ 

V2 

T>i ip is converted to 

ip Ip ^ ip 



Vi 

tP 

V2 

•P 



V 

•p 

'ixip[x/y\ 

•p[i/y] 



V/ 

\fE 



is converted to 



•p[t/y] 
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It is not immediately clear that this conversion is a legitimate operation 
on derivations, e.g. consider the elimination of the lower cut which converts 



\/u(p{u, z) 

_ \/vip{v,z) 

yx(f{x,x) 

— -yE 

(fi{v,v) 



\/uip{u, v) 
\/vip{v, v) 



The thoughtless substitution of v for 2 ; in T> is questionable because v is 
not free for z in the third line and we see that in the resulting derivation V/ 
violates the condition on the proper variable. 



In order to avoid confusion of the above kind, we have to look a bit closer at 
the way we handle our variables in derivations. There is, of course, the obvious 
distinction between free and bound variables, but even the free variables do 
not all play the same role. Some of them are “the variable” involved in a 
V/. We call these occurrences proper variables and we extend the name to all 
occurrences that are “related” to them. The notion “related” is the transitive 
closure of the relation that two occurrences of the same variable have if one 
occurs in a conclusion and the other in a premise of a rule in “related” formula 
occurrences. It is simplest to define “related” as the reflexive, symmetric, 
transitive closure of the “direct relative” relation which is given by checking 

ip(x) A '0(x, y) 

all derivation rules, e.g. in AE the top 

tl}{x,y) 

occurrence and bottom occurrence of tjj{x,y) are directly related, and so are 
the corresponding occurrences of x and y . Similarly the ip at the top and the 
one at the bottom in 



V 



The details are left to the reader. 

Dangerous clashes of variables can always be avoided, it takes just a rou- 
tine renaming of variables. Since these syntactic matters present notorious 
pitfalls, we will exercise some care. Recall that we have shown earlier that 
bound variables may be renamed while retaining logical equivalence. We will 
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use this expedient trick also in derivations. 



Lemma 6.1.3 In a derivation the bound variables can be renamed so that no 
variable occurs both free and bound. 

Proof. By induction on T>. Actually it is better to do some ‘induction loading’, 
in particular to prove that the bound variables can be chosen outside a given 
set of variables (including the free variables under consideration). The proof 
is simple, and hence left to the reader. □ 

Note that the formulation of the lemma is rather cryptic, we mean of 
course that the resulting configuration is again a derivation. It also expedient 
to rename some of the free variables in a derivation, in particular we want to 
keep the proper and the non-proper free variables separated. 



Lemma 6.1.4 In a derivation the free variables may be renamed, so that 
unrelated proper variables are distinct and each one is used exactly once in 
its inference rule. Moreover, no variable occurs as a proper and a non-proper 
variable. 

Proof. Induction on T>. Choose always a fresh variable for a proper variable. 
Note that the renaming of the proper variables does not influence the hy- 
potheses and the conclusion. □ 

In practice it may be necessary to keep renaming variables in order to 
satisfy the results of the above lemmas. 

From now on we assume that our derivations satisfy the above condition, 

i.e. 

(i) bound and free variables are distinct, 

(ii) proper and non-proper variables are distinct and each proper variable is 
used in precisely one V/. 

Lemma 6.1.5 The conversions for —f, A, W yield derivations. 

Proof. The only difficult case is the V-conversion. But according to our 
variables-condition T>[t/u] is a derivation when T> is one, for the variables 
in t do not act as proper variables in T>. □ 

Remark There is an alternative practice for formulating the rules of logic, 
which is handy indeed for proof theoretical purposes: make a typographi- 
cal distinction between bound and free variables (a distinction in the alpha- 
bet). Free variables are called parameters in that notation. We have seen that 
the same effect can be obtained by the syntactical transformations described 
above. It is then necessary, of course, to formulate the V-introduction in the 
liberal form! 
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6.2 Normalization for Classical Logic 

Definition 6.2.1 A string of conversions is called a reduction sequence. A 
derivation T> is called irreducible derivation if there is no T>' such that 
V >1 V. 

Notation V >i V' stands for “V is converted to V'” . T> > T>' stands for 
“there is a finite sequence of conversions V = Vq >\'Di >i ... >i Dn-i = T> 
and V >V' stands for V > V' or V = V' . {T> reduces to V). 

The basic question is of course ‘does every sequence of conversions termi- 
nate in finitely many steps?’, or equivalently ‘is > well-founded?’ The answer 
turns out to be ‘yes’, but we will first look at a simpler question: ‘does every 
derivation reduce to an irreducible derivation?’ 



Definition 6.2.2 If there is no T>[ such that T>i >i T>[ (i.e. if Vi does not 
contain cuts), then we call T>i a normal derivation, or we say that T>i is in 
normal form, and if T> >T>' where T>' is normal, then we say that D normal- 
izes to V . 

We say that > has the strong normalization property if > is well-founded, 
i.e. there are no infinite reduction sequences, and the weak normalization prop- 
erty if every derivation normalizes. 

Popularly speaking strong normalization tells you that no matter how you 
choose your conversions, you will ultimately find a normal form; weak nor- 
malization tells you that if you choose your conversions in a particular way, 
you will find a normal form. 



Before getting down the normalization proofs, we remark that the T-rule 
can be restricted to instances where the conclusion is atomic. This is achieved 
by lowering the rank of the conclusion step by step. 



Example. 

V 

T 

if Alp 



is replaced by 



V V 

T T 



If ip 

(fi Atp 



AI 



V 

T 






V 



is replaced by 



T 







etc. 



(Note that in the right hand derivation some hypothesis may be cancelled, 
this is, however, not necessary; if we want to get a derivation from the same 
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hypotheses, then it is wiser not to cancel the (f at that particular V/) A similar 
fact holds for RAA-. it suffices to apply RAA to atomic instances. The proof 
is again a matter of reducing the complexity of the relevant formula. 



V 

_L 

ip Atp 



is replaced by 



Vp ^ V'] [</? A -0] 

[-.p] p 'll) 



_L 

■^{ip A 0) 

V 

_L 

— RAA 



p Atj) 



_L 



A 0) 



V 

_L 

0 



RAA 

AI 



[(^] [p 0] 

0 [-’ 0 ] 



- 


.0)] 


_L 




V 

_L 


is replaced by 


-^{p - 

V 


> 0) 


p 


0 


_L 

0 


RAA 






p 


0 





[Va; p{x)] 




hv5(a;)] pi.x) 


Nx p{x)] 


_L 


V 


-Aix p{x) 


is replaced by 
_L 


V 



Va; p{x) 



_L 

RAA 

p{x) 



\/x p{x) 
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Some definitions are in order now: 



Definition 6.2.3 (i) a maximal cut formula is a cut formula with maximal 
rank. 

(a) d = max{r{ip)\if cut formula in T>} (observe that max 0 = 0 / 
n = number of maximal cutformulas and cr{T>) = {d,n), the cut rank ofT>. 

If T> has no cuts, put cr{V) = (0,0). We will systematically lower the cut 
rank of a derivation until all cuts have been eliminated. The ordering on cut 
ranks is lexicographic: 

(d, n) < (d', n') ■.= d < d' V {d = d' A n < n'). 

Fact 6.2.4 < is a well-ordering (actually uj ■ uj) and hence has no infinite 
descending sequences. 

Lemma 6.2.5 Let T> be a derivation with a cut at the bottom, let this cut 
have rank n while all other cuts have rank < n, then the conversion of T> at 
this lowest cut yields a derivation with only cuts of rank < n. 

Proof. Consider all the possible cuts at the bottom and check the ranks of the 
cuts after the conversion. 

(i) ^-cut 



[<^] 

Vi 

/ T>2 

ip — > if ip 

if 



V2 

= V. Then V>iV = 

Vi 

if 



Observe that nothing happened in T>i and T> 2 , so all the cuts in V have 
rank < n. 

(ii) V-cut 



V 

ip{x) 

Vy q}{y) 



— V. Then V >\V' 




[t/x\ 



ip{f) 

The substitution of a term does not affect the cut-rank of a derivation, so 
in V all cuts have rank < n. 

(iii) A-cut. Similar. □ 
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Observe that in the A, J-, V - language the reductions are fairly simple, i.e. 
parts of derivations are replaced by proper parts (forgetting for a moment 
about the terms) - things get smaller! 



Lemma 6.2.6 If cr(T>) > (0,0), then there is a T>' with T> >i T>' and 
cr{V) < cr{V). 

Proof. Select a maximal cut formula in T> such that all cuts above it have 
lower rank. Apply the appropriate reduction to this maximal cut, then the 
part of the derivation T> ending in the conclusion a of the cut is replaced, 
by Lemma 6.2.5, by a (sub-) derivation in which all cut formula have lower 
rank. If the maximal cut formula was the only one, then d is lowered by 1, 
otherwise n is lowered by 1 and d remains unchanged. In both cases cr(fD) 
gets smaller. Note that in the first case n may become much larger, but that 
does not matter in the lexicographic order. 

Observe that the elimination a cut ( here!) is a local affair, i.e. it only 
affects the part of the derivation tree above the conclusion of the cut. 



Theorem 6.2.7 (Weak normalization) All derivations normalize. 

Proof. By Lemma 6.2.6 the cut rank can be lowered to (0, 0) in a finite number 
of steps, hence the last derivation in the reduction sequence has no more cuts. 
□ 



Normal derivations have a number of convenient properties, which can be 
read off from their structure. In order to formulate these properties and the 
structure, we introduce some more terminology. 



Definition 6.2.8 A path in a derivation is a sequence of formulas <po, ■ . • , I>n> 
such that ipQ is a hypothesis, ipn is the conclusion and ipi is a premise imme- 
diately above V3i+i(0 < z < n — 1). (ii) A track is an initial part of a path 
which stops at the first minor premise or at the conclusion. In other words, a 
track can only pass through the major premises of elimination rules. 



Example. 



[<pAtp] 

[<p^ a)] ip 

tjj —>■ a 



[p Alp] 
iP 



a 



(f A't/j 



a 
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The underlying tree is provided with irumber labels: 




and the tracks are (6, 4, 3, 2, 1), (9, 7) and (8, 5). 

Fact 6.2.9 In a normal derivation no introduction rule (application) can pre- 
cede an elimination rule (application) in a track. 

Proof. Suppose an introduction rule precedes an elimination rule iir a track, 
then there is a last introduction rule that precedes the first elimination 
rule. Because the derivation is normal, one cannot immediately precede the 
other. So there has to be a rule in between, which must be the _L-rule or the 
RAA, but that clearly is impossible, since _L cannot be the conclusion of an 
introduction rule. □ 



Fact 6.2.10 A track in a normal derivation is divided into (at most) three 
parts: an elimination part, followed by a A-part, followed by an introduction 
part. Each of the parts may be empty. 

Proof. By Fact 6.2.9 we know that if the first rule is an elimiiratioir, then all 
eliminations come first. Look at the last elimiiration, it results (1) iir the coir- 
clusion of T>, or (2) in _L, in which case the _L-rule or RAA may be applied, or 
(3) it is followed by an introduction. In the last case only introductions can 
follow. If we applied the _L- or RAA-v\x\e, then an atom appears, which can 
only be the premise of an introduction rule (or the conclusion oiT>). □ 



Fact 6.2.11 Let T> be a normal derivation. Then T> has at least one maximal 
track, ending in the conclusion. 

The uirderlyiirg tree of a normal derivatioir looks like 
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3 




The picture suggests that the tracks are classified as to “how far” they are 
from the maximal track. We formalize this in the notion of order. 



Definition 6.2.12 Let V be a normal derivation. 
o{tm) = 0 for a maximal track tm- 

o{t) = o{t') + 1 if the end formula of track t is a minor premise 
belonging to a major premise in t' 

The orders of the various tracks are indicated in the picture 



Theorem 6.2.13 (Subformula Property) Let I? be a normal derivation 
oi r \- ip, then each formula (occurrence) '0 of H is a subformula of p or of 
a formula in F , unless tf is cancelled by an application of RAA or when it is 
the T immediately following such a cancelled hypothesis. 

Proof. Consider a formula if in T>, if it occurs in the elimination part of its 
track t, then it evidently is a subformula of the hypothesis at the top of t. 
If not, then it is a subformula of the end formula ifi of t. Hence 0i is a 
subformula of a formula 02 of a track ti with o(ti) < o{t). Repeating the 
argument we find that 0 is a subformula of a hypothesis or of the conclusion. 

Sofar we considered all hypotheses, but we can do better. If t/j is a sub- 
formula of a cancelled hypothesis, it must be a subformula of the resulting 
implicational formula in case of an — > I application, or of the resulting for- 
mula in case of an RAA-application, or (and these are the only exceptions) it 
is itself cancelled by an RAA-application or it is a T immediately following 
such a hypothesis. □ 
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One can draw some immediate corollaries from our results so far. 



Corollary 6.2.14 Predicate logic is consistent. 

Proof. Suppose h_L, then there is a normal derivation ending in _L with all 
hypotheses cancelled. There is a track through the conclusion; in this track 
there are no introduction rules, so the top (hypothesis) is not cancelled. Con- 
tradiction. □ 

Note that 6.2.14 does not come as a surprise, we already knew that predi- 
cate logic is consistent on the basis of the Soundness Theorem. The nice point 
of the above proof is, that it uses only syntactical arguments. 



Corollary 6.2.15 Predicate logic is conservative over propositional logic. 

Proof. Let H be a normal derivation oi P \~ ip, where P and ip contain no 
quantifiers, then by the subformula property T> contains only quantifier-free 
formulas, hence I? is a derivation in propositional logic. □ 



6.3 Normalization for Intuitionistic Logic 

When we consider the full language, including V and 3, some of the notions 
introduced above have to be reconsidered. We briefly mention them: 

<p{u) 

'D 

- in the 3E u is called the proper variable. 

3x p{x) a 



- the lemmas on bound variables, proper variables and free variables remain 

correct. 

- cuts and cut formulas are more complicated, they will be dealt with below. 

As before we assume that our derivations satisfy the conditions on free 
and bound variables and on proper variables. 



Intuitionistic logic adds certain complications to the technique developed 
above. We can still define all conversions: 





V 


bl] 


^2] 




V, 








T^2 


converts to 


Pi 


V — conversion 


VI 








tpi V P2 


a 


a 




Vi 



\JE 



a 



a 
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V <f{y) V 

3 'D' ^{t) 

d — conversion converts to 

3a; ip{x) a T>'[t/y] 

a a 



’fiy) 

Lemma 6.3.1 For any derivation T>' with y not free in a and t free for y 

a 

^{t) 

in (fiiy), V'lt/y] is also a derivation. 

<j 

Proof. Induction on H'. □ 



It becomes somewhat harder to define tracks; recall that tracks were intro- 
duced in order to formalize something like “essential successor” . In — — ^ ^ 

we did not consider <.p to be an “essential successor” of (f (the minor premise) 
since ip has nothing to do with ip. 

In Vif and 3E the cancelled hypotheses have something to do with the 
major premise, so we deviate from the geometric idea of going down in the 
tree and we make a track that ends in tpM ip continue both through (the can- 
celled) ip and Ip, similarly a track that gets to 3xip{x) continues through (the 
cancelled) ip{y). 

The old clauses are still observed, except that tracks are not allowed to start 
at hypotheses, cancelled by WE or 3E. Moreover, a track (naturally) ends in 
a major premise of Vif or 3E if no hypotheses are cancelled in these rule 
application. 



Example. 



[<p(j/)] [V’(y)] 

3x(p{x) 3xip{x) 



[ip{y) V ip{y)] 3xip{x) V 3xip{x) 3x(p{x) V 3xip{x) 



[3x{ip{x) V ip{x))] 

3xp{x) V 3xip{x) 



3xip{x) V 3xip{x) 
3E 



3x{ip{x) V ip{x)) —>■ 3xp{x) V 3xip{x) 
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In tree form: 




The derivation contains the following tracks: 

( 2 , 4 , 9 , 7 , 5 , 3 , 1 ), ( 2 , 4 , 10 , 8 , 6 , 3 , 1 ). 

There are still more problems to be faced in the intuitionistic case: 

(i) There may be superfluous applications of \/E and 3 E in the sense that 
“nothing is cancelled” . 

V V 



I.e. in 3 xtp{x) a no hypotheses (f{y) are cancelled in V . 
a 

We add extra conversions to get rid of those elimination rule applications: 

V Vi V2 

Vi 

ip\/ tp a a converts to 

o 



a 

if ip and ip are not cancelled in resp. Vi,T>2. 



V 

3 xif{x) 



V 



a 



V 

converts to 



a 



a 

if piy) is not cancelled in V . 

(ii) An introduction may be followed by an elimination in a track without 
giving rise to a conversion. 



6.3 Normalization for Intuitionistic Logic 



201 



Example. 

M M ^ [^] [^] , ^ 

AI AI 

ipV ip p A p p Ap 



AE 

In each track there is an A-introduction and two steps later an A- 
elimination, but we are not in a position to apply a reduction. 

We would still not be willing to accept this derivation as ‘normal’, if only 
because nothing is left of the subformula property: pAp is neither a subformula 
of its predecessor in the track, nor of its predecessor. The problem is caused 
by the repetitions that may occur because of yE and 3if, e.g. one may get a 
string of occurrences of the same formula: 

Vi 

3xipi{xi) a 
3 x2P2(x 2) a- 

Bxspsixs) a 

a 



'^XnPniXn) O 

a 

Clearly the formulas that would have to interact in a reduction may be 
too far apart. The solution is to change the order of the rule applications, we 
call this a permutation conversion. 

Our example is converted by ‘pulling’ the AE upwards: 




p Ap 

AE 

p\J p p 



‘f 



[y’l [y’l 

p Ap 



AI 

AE 



■WE 



Now we can apply the A— conversion: 

py p [p] [p] 



yE 
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In view of the extra complications we have to extend our notion of cut. 



Definition 6.3.2 A string of occurrences of a formula a in a track which 
starts with the result of an introduction and ends with an elimination is called 
a cut segment. A maximal cut segment is one with a cut formula of maximal 
rank. 

We have seen that the elimination at the bottom of the cut segment can 
be permuted upwards: 

Example. 




3xpi{x) i/) — > (T converts to 3xipi{x) 'i/i — > a 

3y<p2{y) fj ^ a fj ^ a f) 

•f ^ a Ip 3y(p2{y) a 



a 



a 



w 

V 

a 

and then to ^ 

3x(fi(x) a 

3yy>2iy) cr 



a 

Now we can eliminate the cut formula tb ^ a: , 

tp 

V 

3x(pi{x) a 
^W 2 {y) cr 

a 

So a cut segment may be eliminated by applying a series of permutation con- 
versions followed by a “connective-conversion” . 
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As in the smaller language, we can restrict our attentioir to applications 
of the _L —rule for atomic instances. 



We just have to consider the extra connectives: 

V 



V 



(fiV Ip 



V 



3xtp{x) 



can be replaced by — 



(fiV Ip 

V 



can be replaced by 



‘Piv) 



3x^p{x) 

We will show that iir intuitionistic logic derivations cair be normalized. 
Define the cut rank as before; but now for cut segments: 



Definition 6.3.3 (i) The rank of a cut segment is the rank of its formula, 
(ii) d = max{r{(f)\ip cut formula in T>}, n = number of maximal cut segments, 
cr(fD) = (d, n) with the same lexicographical ordering. 

Lemma 6.3.4 If T> is a derivation ending with a cut segment of maximal 
rank such that all cut segments distinct from this segment, have a smaller 
rank, then a number of permutation conversions and a conversion reduce T> 
to a derivation with smaller cut rank. 

Proof, (i) Carry out the permutation conversions on a maximal segmeirt, so 
that an elimination immediately follows air introduction. E.g. 

if Ip P 

■■■ (fi A Ip (fi ApJ 

(fi Atp • • • (fi 

> 

(fi Atp ■ ■ ■ if 

ip Atp • • • ip 

p p 

Observe that the cut rank is not raised. We now apply the “connective” 
conversion to the remaining cut. The result is a derivation with a lower d. □ 



Lemma 6.3.5 If cr{V) > (0,0), then there is a V such that V > V' and 
cr{V) < cr{V). 
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Proof. Let s be a maximal segment such that in the sub derivation T> ending 
with s no other maximal segments occur. Apply the reduction steps indicated 
in Lemma 6.3.4, then T> is replaced by T>' and either the d is not lowered, but 
n is lowered, or d is lowered. In both cases cr{T>') < cr{T>). □ 



Theorem 6.3.6 (Weak normalization) Each intuitionistic derivation nor- 
malizes. 

Proof. Apply Lemma 6.3.5. □ 

Observe that the derivation may grow in size during the reductions, e.g. 

(fiV ip ifV tp ipM-ip ip ^ a YpY Ip ^ a [ip]'^ 

ipy Ip <T a 

- — 2 

a 

is reduced by a permutation conversion to 



VpY [pf ip^a -ip^cF 

ip\/ tp a a ^ 

ip\f ip a 



a 



V 

— 1 



where 

[ipY ip^a [ipf tp ^ a 

ip\/ Ip a a 

V = 3 

a 

In general, parts of derivations may be duplicated. 

The structure theorem for normal derivations holds for intuitionistic logic 
as well; note that we have to use the extended notion of track and that seg- 
ments may occur. 



Fact 6.3.7 (i) In a normal derivation, no application of an introduction rule 
can precede an application of an elimination rule. 

(u) A track in a normal derivation is divided into (at most) three parts: an 
elimination part, followed by a 1- part, followed by an introduction part. These 
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parts consist of segments, the last formula of which are resp. the major premise 
of an elimination rule, the falsum rule or ( an introduction rule or the eonclu- 
sion). 

(Hi) In a normal derivation the conelusion is in at least one maximal track. 



Theorem 6.3.8 (Subformula Property) In a normal derivation of F h (p, 
each formula is a subformula of a hypothesis in F, or of ip. 

Proof. Left to the reader. □ 



Definition 6.3.9 The relation “p is a strictly positive subformula occurrence 
of if” is inductively defined by: 

(1) p is a strictly positive subformula occurrence of p, 

(2) if is a strictly positive subformula occurrence ofpAif,ifAp, 
p\/if,if\/p,p—>-if, 

(3) if is a strictly positive subformula occurrence of\/xif,3xif. 

Note that here we consider occurrences ; as a rule this will be tacitly un- 
derstood. We will also say, for short, p is strictly positive in if, or p occurs 
strictly positive in if. The extension to connectives and terms is obvious, e.g. 
“V is strictly positive in if” . 



Lemma 6.3.10 (i) The immediate successor of the major premise of an elim- 
ination rule is strictly positive in this premise (for — > E,AE,yE this actually 
is the conclusion), (ii) A strictly positive part of a strictly positive part of p 
is a strictly positive part of p. 

Proof. Immediate. □ 

We now give some applications of the Normal Form Theorem. 



Theorem 6.3.11 Let F h pVif, where F does not eontain V in strietly 
positive subformulas, then F \- p or F \- if . 

Proof. Consider a normal derivation T> of pW if and a maximal track t. If the 
first occurrence p\/ if of its segment belongs to the elimination part of f , then 
pW if is a strictly positive part of the hypothesis in t, which has not been 
cancelled. Contradiction. 

Hence pW if belongs to the introduction part of t, and thus T> contains a 
subderivation of p or of if. 
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V 



T>i ip\/ tjj 

V looks like 2?fe-2 

Vk-i if V 'll: 

T>k ipW tp 

ipV Ip 

The last k steps are 3E or \/E. If any of them were an V-elimination then 
the disjunction would be in the elimination part of a track and hence a V 
would occur strictly positive in some hypothesis of E. Contradiction. 

Hence all the eliminations are 3E. Replace the derivation now by: 

V 

T>i ip 

T>2 p 



T>k ip 



In this derivation exactly the same hypothesis have been cancelled, so 

E \r p. □ 

Consider a language without function symbols (i.e. all terms are variables 
or constants). 



Theorem 6.3.12 If E \- 3xp(x), 'where E does not contain an existential 
formula as a strictly positive part, then E h p(ti) V ... V p(tn), where the 
terms ti, . . . occur in the hypotheses or in the conclusion. 

Proof. Consider an end segment of a normal derivation T> of 3xp{x) from E. 
End segments run through minor premises of VE and 3E. In this case an end 
segment cannot result from 3E, since then some 3up(u) would occur strictly 
positive in E. Hence the segment runs through minor premises of VE’s. I.e. 
we get: 
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[ai] [/3i] 

T>i T>2 

ai V /?! Bxip(x) Bxip(x) : 

«2 V P 2 3xif{x) 3x(p{x) 

3xip{x) 



3x(p{x) 

3xip{x) at the beginning of an end segment results from an introduction 
(else it would occur strictly positive in F), say from It could also result 

from a _L rule, but then we could conclude a suitable instance of tp{x). 

We now replace the parts of V yielding the tops of the end segments by 



parts yielding disjunctions: 

[ai] [/3i] 

Vi T>2 

ip{t2) 

aiV/3i ip{t2) V^(ti) V : 

«2 V P 2 ^p{h) V ip(t2) ip{h) 



V v?(t2) V ... V ip{tn) 



So r h w ip{ti) ■ Since the derivation 
subterms of F or 3xip{x). 



was normal the various t^’s are 

□ 



Corollary 6.3.13 If in addition V does not occur strictly positive in F, then 
F h (fit) for a suitable t. 

Corollary 6.3.14 If the language does not contain constants, then we get 
F h 'dx(fi{x). 

We have obtained here constructive proofs of the Disjunction and Exis- 
tence Properties, which had already been proved by classical means in Ch. 5. 



Exercises 

1. Show that there is no formula (p with atoms p and q without V so that 
h p V g (hence V is not definable from the remaining connectives) . 
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2. If If does not contain — *■ then \fi f. Use this to show that — *■ is not defin- 
able by the remaining connectives. 

3. If A does not occur in f and p and q are distinct atoms, then <f \~ p and 
(f\- q ^ (f h_L. 

4. Eliminate the cut segment (<t V r) from 

T >2 a 

T>i 3 xif 2 {x) a V T [a] [r] 

3 yifi{y) a\jT V4 V5 

0\/ T p p 



p 



5. Show that a prenex formula (Qia;i) . . . (QnXn)^ is derivable if and only if 
a suitable quantifier-free formula, obtained from p, is derivable. This, in 
combination with exercise 15 of section 5, yields another proof of exercise 
33 of section 5. 



Additional Remarks: Strong normalization 
and the Church-Rosser property. 

As we already mentioned, there is a stronger result for natural deduction: 
every reduction sequence terminates (i.e. <1 is well-founded). For proofs see 
Girard 1987 and Girard et al. 1989. Indeed, one can also show for > the so- 
called Church-Rosser property (or confluence property): if I? > T>i,T> > T >2 
then there is a V 3 such that T>i > and X >2 > T> 3 . As a consequence each 
T> has a unique normal form. One easily shows, however, that a given p may 
have more than one normal derivation. 
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Godel’s theorem 



7.1 Primitive recursive functions 

We will introduce a class of numerical functions which evidently are effec- 
tively computable. The procedure may seem rather ad hoc, but it gives us a 
surprisingly rich class of algorithms. We use the inductive method, that is, we 
fix a number of initial functions which are as effective as one can wish; after 
that we specify certain ways to manufacture new algorithms out of old ones. 

The initial algorithms are extremely simple indeed: the successor function, 
the constant functions and the projection functions. It is obvious that compo- 
sition (or substitution) of algorithms yields algorithms The use of recursion 
was as a device to obtain new functions already known to Dedekind’; that re- 
cursion produces algorithms from given algorithms is also easily seen. In logic 
the study of primitive recursive functions was initiated by Skolem, Her brand, 
Godel and others. 

We will now proceed with a precise definition, which will be given in the 
form of an inductive definition. First we present a list of initial functions 
of an unmistakably algorithmic nature, and then we specify how to get new 
algorithms from old ones. All functions have their own arity, that is to say, 
they map to N for a suitable k. We will in general not specify the arities 
of the functions involved, and assume that they are chosen correctly. 

The so-called initial functions are 

- the constant functions with C^(no, . . . , Uk-i) = m, 

~ the successor function S with S{n) = n + 1, 

- the projection functions with P^{no , . . . , Uk-i) = Ui {i < k). 

New algorithms are obtained from old ones by substitution or composition and 
primitive recursion,. 

- A class T of functions is closed under substitution if g, h ^, . . . , hp-i € P ^ 

f G P, where f{n) = g{ho{n), hp_i(n)) 
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- is closed under primitive recursion Hg,hG!F^fG!F, where 
f /(0,n) = g{n) 

\ f{m + l,fi) = h{f{m, n), n, to). 

Definition 7.1.1 The class of primitive recursive functions is the smallest 
class of functions containing the constant functions, the successor function, 
and the projection functions, which is closed under substitution and primitive 
recursion. 

Remark. Substitution has been defined in a particular way: the functions 
that are substituted have all the same string of inputs. In order to make 
arbitrary substitutions one has to do a little bit of extra work. Consider 
for example the function f{x,y) in which we want to substitute g{z) for 
X and f{z,x) for y: f{g{z),f{z,x)), This is accomplished as follows: put 
ho{x,z) = g{z) = g{Pf{x,z)) and h{x,z) = f{z,x) = f{Pf{x,z),Pg{x,z)), 
Then the required f{g{z),f{z,x)) is obtained as f{ho{x,z),hi{x,z)). The 
reader is expected to handle cases of substitution that will come up. 

Let us start by building up a stock of primitive recursive functions. The 
technique is not difficult at all, most readers will have used it at numerous 
occasions. The surprising fact is that so many functions can be obtained by 
these simple procedures. Here is a first example: 

X + y, defined by 

( X + 0 = X 

[X + (y + 1) = {x + y) + I 

We will reformulate this definition so that that the reader can see that it in- 
deed fits the prescribed format: 

J -k(0,a:) = P^{x) 

\-k(y-k l,a;) = S{P(^{+{y,x), Pg{x,y), Pf{x,y))). 

As a rule we will we stick to traditional notations, so we will simply write 
X + y for +{y,x). We will also tacitly use the traditional abbreviations from 
mathematics, e.g. we will mostly drop the multiplication dot. 

There are two convenient tricks to add or delete variables. The first one is 
the introduction of dummy variables. 

Lemma 7.1.2 (dummy variables) If f is primitive recursive, then so is g 

with g{xQ, . . .,Xn-l,Zo, ■ . ■ ,2m-l) = f(xo, ■ . . ,x„_i). 

Proof Put g{xo, ..., Xn-l,Zo, ..., Zm-l) = z),..., Pf:+^{x, 5) □ 

Lemma 7.1.3 (identification of variables) If f is primitive recursive, then 
so is f{xo, . . . ,Xn-i)[xi/xj], where i,j<n 
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Proof. We need only consider the case i ^ j. f{xo, . . . ,Xn-i)[xi/xj] = 



A more pedestrian notation is f{xo , . . . , Xi, . • . , Xi, . . . x„_i). 

Lemma 7.1.4 (permutation of variables) Iff is primitive recursive, then 
so is g with g{xo, . . . ,x„_i) = /(xq, . . . ,Xn-i)[xi,Xj/xj,Xi], where i,j < n 



From now on we will use the traditional informal notations, e.g. g{x) = 
/(x,x,x), or g{x,y) = f{y,x). For convenience we have used and will use, 
when no confusion can arise, the vector notation for strings of inputs. 

The reader can easily verify that the following examples can be cast in the 
required format of the primitive recursive functions. 




^’^_i(xo, . . ■ , x„_i)), where the second Pf is at the jth entry. 



□ 



Proof. Use substitution and projection functions. 



□ 



1. x + y 



X + 0 = X 

x + {y+l) = (x + y) + l 



2. x-y 



X • 0 = 0 



x-{y + l)=x-y + x (we use (1)) 




4. predecessor function 




Apply recursion: 



( p(x + Ij = X 
5. cut-off subtraction (monus) 



p(0) = 0 

p{x + 1) 




Apply recursion: 




6. factorial function 



n! = 1 • 2 • 3 • • • (n — 1) • n. 



7. signum function 



sg(x) = 



Apply recursion: 



0 if X = 0 

1 otherwise 
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fs5(0) = 0 

\s 5 (a; + l) = 1 

8. sg(a;) = 1 - sg(x). 

, ._fl if x = 0 

9. \ x-y\. 

Observe that | x — y |= {x — y) + {y — x) 

10. f{x,y) = g is primitive recursive. 

f lfi=o9{x,i) = g{x,0) 

I Efco 9{x, i) = Tf(=Q 9 {x, i) + g{x, y + 1) 

11- riLo5(^o), idem. 

12. If / is primitive recursive and tt is a permutation of the set {0, . . . , n — 1}, 
then g with g{x) = /(a;,rO, • • ■ j 2 ^ 7 r(n-i)) is also primitive recursive. 

13. If f{x,y) is primitive recursive, so is f{x,k) 

The definition of primitive recursive functions by direct means is a worth- 
while challenge, and the reader will find interesting cases among the exercises. 
For an efficient and quick access to a large stock of primitive recursive func- 
tions there are, however, techniques that cut a number of corners. We will 
present them here. 

In the first place we can relate sets and functions by means of characteristic 
functions. In the setting of number theoretic functions, we define characteristic 
functions as follows: for A C the characteristic function Ka ■ ^ {Oil} 

of A is given hy n G A ^ KA{n) = 1 (and hence n ^ A ^ KA{n) = 0). 
Warning: in logic the characteristic function is sometimes defined with 0 and 
1 interchanged. For the theory that does not make any difference. Note that 
a subset of is also called a k-ary relation. When dealing with relations we 
tacitly assume that we have the correct number of arguments, e.g. when we 
write A n i? we suppose that A, B are subsets of the same N^. 



Definition 7.1.5 A relation R is primitive recursive if its characteristic func- 
tion is so. 

Note that this corresponds to the idea of using Kfi as a test for membership. 

The following sets (relations) are primitive recursive: 

1.0: Kih{n) = 0 for all n. 

2. The set of even numbers, E: 

I Ke(0) = 1 

\ Ke{x -k 1 ) = ^{Ke{x)) 
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3. The equality relation: K={x,y) = sg(| x — y \) 

4. The order relation: K^{x, y) = sg((a; + 1) — y)- 

Lemma 7.1.6 The primitive recursive relations are closed itnder U,n,'^ and 
bounded quantification. 

Proof Let C = A H B, then xGC4^xgAAxGB,so Kc{x) = 1 
Ka{x) = 1 a Kb{x) = 1. Therefore we put Kc{x) = Ka{x) ■ Kb{x). Hence 
the intersection of primitive recursive sets is primitive recursive. For union 
take Kaub{x) = sg{KA{x) + Kb{x)), and for the complement Kac{x) = 
sg{KA{x)). 

We say that R is obtained by bounded quantification from S if i?(n, m) := 
Qx < mS{n, x), where Q is one of the quantifiers V, 3. 

Consider the bounded existential quantification: R{x, n) := 3y < nS{x, y), 
then KB{x,n) = sg{J2y<n ^s{x,y)), so if S is primitive recursive, then R is 
so. 

The V case is similar; it is left to the reader. □ 



Lemma 7.1.7 The primitive recursive relations are closed under primitive 
recursive substitutions, i.e. if fo, . . . , fn-i xnd R are primitive recursive, then 
so is S{x) := R{fo{x),...,fn-i{x)). 

Proof Ks{x) = KR{fi{x),...,fn-i{x)) □. 

Lemma 7.1.8 (definition by cases) Let R\, . . . ,Rp be mutually exclusive 
primitive recursive predicates, such that \/x{Ri{x) V R 2 {x) V • • • V Rp{x)) and 
let gi, ... ,gp be primitive recursive functions, then f with 



is primitive recursive. 



fix) = 



' giix) if Riix) 
g2{x) if R2 {x) 



^ gp{x) if Rp{x) 



Proof If Kfifix) = 1, then all the other characteristic functions yield 0, so we 
put f{x) = gi{x) ■ Knfix) + . . . + gp{x) ■ Kr^{x). □ 



The natural numbers are well-ordered, that is to say, each non-empty sub- 
set has a least element. If we can test the subset for membership, then we can 
always find this least element effectively. This is made precise for primitive 
recursive sets. 



Some notation: (pLy)R(x, y) stands for the least number y such that R{x, y) 
if there is one. {pty < m)R{x, y) stands for the least number y < m such that 
R{x, y) if such a number exists; if not, we simply take it to be m. 
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Lemma 7.1.9 (bounded minimalization) R is primitive recursive^ (m2/< 
m)R{x,y) is primitive recursive. 

Proof Consider the following table: 



R 


R{x, 0) R{x, 1) , 


. . , R{x, i), R{x, f + 1) , 


. . , i?(£, to) 


Kr 


0 


0 


1 


0 


1 


9 


0 


0 


1 


1 


1 


h 


1 


1 


0 


0 


0 


f 


1 


2 


i 


i 


i 



In the first line we write the values of Kn{x,i) for 0 < i < m, in the second 
line we make the sequence monotone, e.g. take g{x,i) = K r{x , j) . 

Next we switch 0 and 1: h{x,i)^sgg{x,i) and finally we sum the h : f{x,i) = 
Sj=o ^(^1 j)- If holds for the first time in i, then /(x, m — 1) = i, and 

if R{x,j) does not hold for any j < m, then f{x, m — 1) = m. 

So {gy < m)R{x,y) = f{x,m — 1), and thus bounded minimalization yields a 
primitive recursive function. □ 

We put {p,y < m)R{x, y) := {gy <m + l)R{x, y). 

Now it is time to apply our arsenal of techniques to obtain a large variety 
of primitive recursive relations and functions. 

Theorem 7.1.10 The following are primitive recursive: 

1. The set of primes: 

Prime(x) x is a prime a; yf 1 A \/yz < x(x = yz—*y=lVz = l). 

2. The divisibility relation: 

X \ y 4^ Bz < y{x ■ z = y) 

3. The exponent of the prime p in the factorisation of x: 

{gy < x)[p'^ \ X A ^ | a;] 

4-. The ‘nth prime’ function: 

r p(o) = 2 

( p{n + 1) = {gx < p{n)‘’’~^^){x is prime Ax > p(n)). 

Note that we start to count the prime numbers from zero, and we use the 
notation p„ = p(n). So po = 2,pi = 3, p 2 = 5, . . .. The first prime is po, and 
the ith prime is Pi-i- 

Proof. One easily checks that the defining predicates are primitive recursive 
by applying the above theorems. □ 

Coding of finite sequences 

One of the interesting features of the natural number system is that it 
allows a fairly simple coding of pairs of numbers, triples, . . . , and n-tuples 
in general. There are quite a number of these codings around, each having 
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its own strong points. The two best known ones are those of Cantor and of 
Godel. Cantor’s coding is given in exercise 6, Godel’s coding will be used here. 
It is based on the well-known fact that numbers have a unique (up to order) 
prime factorization. 

The idea is to associate to a sequence (no, ■ . ■ the number 

■ The extra -1-1 in the exponents is to take 

into account that the coding has to show the zero’s that occur in a sequence. 
From the prime factorization of a coded sequence we can effectively extract 
the original sequence. The way we have introduced these codes makes the 
coding unfortunately not a bijection, for example, 10 is not a coded sequence, 
whereas 6 is. This is not a terrible drawback; there are remedies, which we 
will not consider here. 

Recall that, in the framework of set theory a sequence of length n is a 
mapping from {0, . . . ,n — 1} to N, so we define the empty sequence as the 
unique sequence of length 0, i.e. the unique map from 0 to N, which is the 
empty function (i.e. set). We put the code of the empty sequence 1. 

Definition 7.1.11 1. Seq{n) := Vp,q < n{Prime(p) A Prime{q) Aq < pA 
p \ n ^ q \ n) An ^ 0. (sequence number) 

In words: n is a sequence number if it is a product of consecutive positive 
prime powers. 

2. lth{n) •= {px <n+l)[-^px | n] (length) 

3. {n)i = {px < n)[pf I n A ^ p^~^^ | n] — 1 (decoding or projection) 

In words: the exponent of the ith prime in the factorisation of n, minus 
1. {n)i extracts the ith element of the sequence. 

I n*m = n- (concatenation) 

In words: if m,n are codes of two sequences Tn,n, then the code of the 
concatenation of m and n is obtained by the product of n and the prime 
powers that one gets by ‘moving up’ all primes in the factorization of m 
by the length of n. 

Remark: 1 is trivially a sequence number. The length function only yields the 
correct output for sequence numbers, e.g. Ith(lO) = 1. Furthermore the length 
of 1 is indeed 0, and the length of a 1-tuple is 1. 

Notation. We will use abbreviations for the iterated decoding functions: 
etc. 

Sequence numbers are from now on written as (no, . . . , Uk-i). So, for example, 
(5,0) = 2® • 3^. We write () for the code of the empty sequence. The binary 
coding, (x,y), is usually called a pairing function. 

So far we have used a straightforward form of recursion, each next output 
depends on the parameters and on the previous output. But already the 
Fibonacci sequence shows us that there are more forms of recursion that occur 
in practice: 
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r m = 1 
{ m = 1 

[F{n + 2) = F{n) + F{n+1) 

The obvious generalization is a function, where each output depends on the 
parameters and all the preceding outputs. This is called course of value re- 
cursion. 

Definition 7.1.12 For a given function f{y,x) its ‘course of value’ function 
f{y, x) is given by 

(f_{0,x) = l 

X f{y + 1 , ^) = f{y ■ x) ■ 

Example: if /(O) = 1,/(1) = 0,/(2) = 7, then /(O) = 1,/(1) = 2^+1, /(2) = 
2i+i-3\/(3) = 22-3-5®= (1,0,7). 

Lemma 7.1.13 If f is primitive recursive, then so is f . 

Proof. Obvious. □ 

Since /(n + 1) ‘codes’ so to speak all information on / up to the nth value, 
we can use / to formulate course-of- value recursion. 

Theorem 7.1.14 If g is primitive recursive and f{y,x) = g{f{y,x),y,x), 
then f is primitive recursive. 

Proof We first define /. 

r/j 0 ,a-) = l 

1 f{y + 1, ^) = f{y, x) * (g(f(y, x), y, £)). 

/ is obviously primitive recursive. Since f{y,x) = {f{y + l,x))y we see that 
/ is primitive recursive. □ 

By now we have collected enough facts for future use about the primitive 
recursive functions. We might ask if there are more algorithms than just the 
primitive recursive functions. The answer turns out to be yes. Consider the 
following construction: each primitive recursive function / is determined by 
its definition, which consists of a string of functions /o, /i, . . . , fn-i = f such 
that each function is either an initial function, or obtained from earlier ones 
by substitution or primitive recursion. 

It is a matter of routine to code the whole definition into a natural number 
such that all information can be effectively extracted from the code (see 
[Hinman] , p. 34) . The construction shows that we may define a function F such 
that F(x, y) = fxiy), where fx is the primitive recursive function with code x. 
Now consider D{x) = F{x,x) + 1. Suppose that D is primitive recursive, so 
D = fn for a certain n, but then D{n) = F{n,n) + 1 = fn{n) + 1 fn{n). 
contradiction. It is clear, however, from the definition of D that it is effective, 
so we have indicated how to get an effective function which is not primitive 
recursive. The above result can also be given the following formulation: there 
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is no binary primitive recursive function F(x,y) such that each unary prim- 
itive function is F(n,y) for some n. In other words, the primitive functions 
cannot be primitive recursively enumerated. 

The argument is in fact completely general; suppose we have a class of 
effective functions that can enumerate itself in the manner considered above, 
then we can always “diagonalize out of the class” by the D function. We 
call this ’’ diagonalization'. The moral of this observation is that we have little 
hope of obtaining all effective functions in an effective way. The diagonaliza- 
tion technique goes back to Cantor, who introduced it to show that the reals 
are not denumerable. In general he used diagonalization to show that the car- 
dinality of a set is less than the cardinality of its power set. 



Exercises 

1. If hi and /12 are primitive recursive, then so are / and g, where 

r /(O) = ai 

I 5(0) = 02 

I f{x + l) = hi{f{x),g{x),x) 

[ g{x + l) = h 2 {f{x),g{x),x) 

2. Show that the Fibonacci series is primitive recursive, where 

r/(o) = /(!) = I 

\f{x + 2) = f{x) + f{x + l) 

3. Let [o] denote the integer part of the real number a (i.e. the greatest integer 

< a). Show that for natural numbers x and y, is primitive recursive. 

4. Show that max{x,y) and min{x,y) are primitive recursive. 

5. Show that the gcd (greatest commion divisor) and 1cm (least common 
multiple) are primitive recursive. 

6. Cantor’s pairing function is given by P{x,y) = ^{{x + y)^ -I- 3a; -I- 2y). 
Show that P is primitive recursive, and that P is a bijection of onto 
N (Hint. Consider in the plane a walk along all lattice points as follows: 
(0,0) ^ (0,1) ^ (1,0) ^ (0,2) ^ (1,1) ^ (2,0) ^ (0,3) ^ (1,2) ^ 
. . .). Define the ‘inverses’ L and R such that P{L{z), R{z)) = z and show 
that they are primitive recursive. 

7. Show Pn <2^ . For more about bounds on see Smoryhski 1980. 
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7.2 Partial Recursive Functions 

Given the fact that the primitive recursive functions do not exhaust the nu- 
merical algorithms, we extend in a natural way the class of effective functions. 
As we have seen that an effective generation of all algorithms invariably brings 
us in conflict with diagonalization, we will widen our scope by allowing partial 
functions. In this way the conflicting situation D{n) = D{n) -|- 1 for a certain 
n only tells us that D is not defined for n. 

In the present context functions have natural domains, i.e. sets of the form 
N”(= {{rriQ, . . . ,mn-i) \ rrii S N}, so called Cartesian products), a partial 
function has a domain that is a subset of N". If the domain is all of N", then 
we call the function total. 

Example: f{x) = is total, g{x) = py[y^ = x] is partial and not total, {g{x) 
is the square root of x if it exists) . 

The algorithms that we are going to introduce are called partial recur- 
sive functions; perhaps recursive, partial functions would have been a better 
name. However, the name has come to be generally accepted. The particular 
technique for defining partial recursive functions that we employ here goes 
back to Kleene. As before, we use an inductive definition; apart from clause 
R7 below, we could have used a formulation almost identical to that of the 
definition of the primitive recursive functions. Since we want a built-in uni- 
versal function, that is a function that effectively enumerates the functions, 
we have to employ a more refined technique that allows explicit reference to 
the various algorithms. The trick is not esoteric at all, we simply give each 
algorithm a code number, called its index. We fix these indices in advance so 
that we can speak of the ‘algorithm with index e yields output y on input 
(xo, . . ■ , Xn-i)’, symbolically represented as {e}(a;o, . . . , Xn-i) — y. 

The heuristics of this ‘index applied to input’ is that an index is viewed as 
a description of an abstract machine that operates on inputs of a fixed arity. 
So {e}(n) ~ m must be read as ‘the machine with index e operates on n and 
yields output m’. It may very well be the case that the machine does not yield 
an output, in that case we say that {e}(n) diverges. If there is an output, we 
say that {e}(n) converges. That the abstract machine is an algorithm will 
appear from the specification in the definition below. 

Note that we do not know in advance that the result is a function, i.e. that 
for each input there is at most one output. However plausible that is, it has to 
be shown. Kleene has introduced the symbol ~ for ‘equality’ in contexts where 
terms may be undefined. This happens to be useful in the study of algorithms 
that need not necessarily produce an output. The abstract machines above 
may, for example, get into a computation that runs on forever. For example, it 
might have an instruction of the form ‘the output at n is the successor of the 
output at n -|- 1’. It is easy to see that for no n an output can be obtained. In 
this context the use of the existence predicate would be useful, and ~ would 
be the = of the theory of partial objects (cf. Troelstra-van Dalen, 2.2). The 
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convention ruling ~ is: if t ~ s then t and s are simultaneously defined and 
identical, or they are simultaneously undefined. 

Definition 7.2.1 The relation {e}(af) y is inductively defined by 

R1 {(0,n, - q 

R2 {(1, n, i)}(mo, . . . , rrin-i) — rrii, for 0 < i < n 
R3 {(2, n, i)}(mo, . . . , run-i) — + 1, for 0 < i < n 

Rf {{3,n + 4)}{p,q,r,s,mo , . . . ~ p if r = s 

{(3,n + 4)}(p, g,r, s,mo, . . . ~ q if r s 

R5 {(4,n,6, co,...,Cfe_i)}(mo,---,«^n-i) - P if there are qo,...,qk-i such 
that {ci}(mo, . . . ~ gi(0 < i < k) and {6}(go, • ■ • ,9fe-i) — P 

R6 {(5,n + 2)}(p,g,mo,---,w„_i) ~ Sf{p,q) 

R7 {(6,n+ l)}(6,mo, . . . ~ p if {b}{mo, . . . ~ p. 

The function in R6 will be specified in the S'™ theorem below. 

Keeping the above reading of {e}{x) in mind, we can paraphrase the 
schema’s as follows: 

R1 the machine with index (0,n, g) yields for input 
(toqj • ■ ■ , iTin-i) output q (the constant function), 

R2 the machine with index (l,n,i) yields for input m out- 
put rrii (the projection function Pf), 

R3 the machine with index (2,n,i) yields for input m out- 
put TUi + l (the successor function on the ith argument), 

R4 the machine with index (3,n -I- 4) tests the equality of 
the third and fourth argument of the input and yields 
the first argument in the case of equality, and the second 
argument otherwise (the discriminator function), 

R5 the machine with index {A, n,b,cp, ... ,Ck-i) first sim- 
ulates the machines with index cq, ... , Ck-i with input 
TO, then uses the output sequence {qo, . . . , qk-i) as input 
and simulates the machine with index b (substitution), 

R7 the machine with index (6,n -|- 1) simulates for a given 
input 6, Too, . . . , TO„_i, the machine with index b and 
input Too, . . . , TO„_i (reflection). 

Another way to view R7 is that it provides a universal machine for all 
machines with n-argument inputs, that is to say, it accepts as an input the 
indices of machines, and then simulates them. This is the kind of machine 
required for the diagonalization process. If one thinks of idealized abstract 
machines, then R7 is quite reasonable. One would expect that if indices can 
be ‘deciphered’, a universal machine can be constructed. This was indeed ac- 
complished by Alan Turing, who constructed (abstractly) a so-called universal 
Turing machine. 

The scrupulous might call R7 a case of cheating, since it does away with 
all the hard work one has to do in order to obtain a universal machine, for 
example in the case of Turing machines. 
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As {e}{x) ~ y is inductively defined, everything we proved about induc- 
tively defined sets applies here. For example, if {e}(af) ~ y is the case, then 
we know that there is a formation sequence (see page 9) for it. This sequence 
specifies how {e} is built up from simpler partial recursive functions. 

Note that we could also have viewed the above definition as an inductive 
definition of the set of indices (of partial recursive functions) . 

Lemma 7.2.2 The relation {e}(af) ^ y is functional. 

Proof. We have to show that {e} behaves as a function, that is {e}{x) ~ y, 
{e}(al) 2 :^ z ^ y = z. This is done by induction on the definition of {e}. We 
leave the proof to the reader. □ 



The definition of {e}(n) ~ m has a computational content, it tells us what 
to do. When presented with {e}(n), we first look at e; if the first ‘entry’ of e 
if 0, lor2, then we compute the output via the corresponding initial function. 
If the first ‘entry’ is 3, then we determine the output ‘by cases’. If the first 
entry is 4, we first do the subcomputations indicated by {ci}(m), then we use 
the outputs to carry out the subcomputation for {6}(fi). And so on. 

If R7 is used in such a computation, we are no longer guaranteed that it 
will stop; indeed, we may run into a loop, as the following simple example 
shows. 

From R7 it follows, as we will see below, that there is an index e such that 
{e}(a;) = |a;}(a;). To compute {e} for the argument e we pass, according to 
R7, to the right-hand side, i.e. we must compute {e}(e), since e was introduced 
by R7, we must repeat the transitions to the right hand side, etc. Evidently 
our procedure does not get us anywhere! 

Conventions. The relation {e}(af) ~ y defines a function on a domain, which is 
a subset of the ‘natural domain’, i.e. a set of the form N". Such functions are 
called partial recursive functions; they are traditionally denoted by symbols 
from the Greek alphabet, ijj, ct, etc. If such a function is total on its natural 
domain, it is called recursive^ and denoted by a roman symbol, f,g,h, etc. 
The use of the equality symbol ‘=’ is proper in the context of total functions. 
In practice we will however, when no confusion arises, often use it instead of 
‘~’ . The reader should take care not to confuse formulas and partial recursive 
functions; it will always be clear from the context what a symbol stands for. 
Sets and relations will be denoted by roman capitals. When no confusion can 
arise, we will sometimes drop brackets, as in {e}x for {e}{x). Some authors 
use a ‘bullet’ notation for partial recursive functions: e • x. We will stick to 
‘Kleene brackets’: {e}{x). 

The following terminology is traditionally used in recursion theory: 

Definition 7.2.3 1. If for a partial function ip 3y{p{x) = y), then we say 

that p converges at x, otherwise p diverges at x. 

2. If a partial function converges for all (proper) inputs, it is called total. 
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3. A total partial recursive function (sic!) will be called a recursive function. 

4-. A set (relation) is called recursive if its characteristic function (which, by 
definition, is total) is recursive. 

Observe that it is an important feature of computations as defined in defini- 
tion 7.2.1, that {e}{tpo{n), ■ ■ ■ , ’4’k-i{n)) diverges if one of its arguments 

ipiin) diverges. So, for example, the partial recursive function {e}{x) — {e}(a;) 
need not converge for all e and x, we first must know that {e}(x) converges! 

This feature is sometimes inconvenient and slightly paradoxical, e.g. in 
direct applications of the discriminator scheme i?4, {(3, A)}{y}[x),'if{x), 0, 0) is 
undefined when the (seemingly irrelevant) function ip{x) is undefined. 

With a bit of extra work, we can get an index for a partial recursive func- 
tion that does definition by cases on partial recursive functions: 



Define 



{e}(f) 



{ei}(f) if gi{x) = g 2 {x) 
{e 2 }(f) if gi{x) yf g 2 {x) 



ip(x) 



ei if gi{x) = g 2 {x) 
62 if gi{x) yf g 2 {x) 



for recursive gi,g 2 - 



by ip{x) = {(3,4)}(ei,e2,5i(f),g2(:?))- So {e}(f) = {•0(f)}(f) = [byR7] 
{(6,n-|- l)}{i(j{x),x). Now use R5 (substitution) to get the required index. 

Since the primitive recursive functions form such a natural class of algo- 
rithms, it will be our first goal to show that they are included in the class of 
recursive functions. 



The following important theorem has a neat machine motivation. Consider 
a machine with index e operating on two arguments x and y. Keeping x fixed, 
we have a machine operating on y. So we get a sequence of machines, one for 
each X. Does the index of each such machine depend in a decent way on x7 
The plausible answer seems ‘yes’. The following theorem confirms this. 



Theorem 7.2.4 (The Theorem) For every m, n with 0 < m < n there 
exists a primitive recursive function such that 

{ ^ 0 ; ■ ■ • 5 — 1 ) } (^m; • ■ • ; ^n— 1 ) — {^} (^) ■ 

Proof. The first function, S),, occurs in R6, we have postponed the precise 
definition, here it is: 

y) = (4, (e)i - 1, e, (0, (e)i - 1, y), (1, (e)i - 1, 0), . . . , (1, (e)i - 1, u - 2)). 

Note that the arities are correct, {e} has one argument more than the con- 
stant function and the projection functions involved. 

Now {S),{e, y)}{x) = z there are qo ■ ■ ■ Qn-i such that 
{(0,(e)i - l,y)}(f) = go 
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{(l,(e)i - l,0)}(f) = qi 



{(l,(e)i - l,n- 2)}(f) = g„_i 
{e}{qo,...,qn-i) = z. 

By the clauses R1 and R2 we get qo = y and = Xi (0 < i < n — 1), so 
{S'^(e, y)}(a?) = {e}{y,x). Clearly, is primitive recursive. 

The primitive recursive function 5™ is obtained by applying m times. 
From our definition it follows that S'™ is also recursive. □ 



The S™ function allows us to consider some inputs as parameters, and 
the rest as proper inputs. This is a routine consideration in everyday math- 
ematics: ‘consider f{x,y) as a function of y’. The logical notation for this 
specification of inputs makes use of the lambda operator. Say t(x, j/, z) is a 
term (in some language), then Xx ■ t(x, y, z) is for each choice of y, z the func- 
tion X 1 -^ t{x,y,z). we say that y and z are parameters in this function. The 
evaluation of these lambda terms is simple: Xx ■ t{x, y, z)(n) = t(n^ y, z). This 
topic belongs to the so-called lambda- calculus, for us the notation is just a 
convenient tool to express ourselves succinctly. 

The 5™ theorem expresses a uniformity property of the partial recursive 
functions. It is obvious indeed that, say for a partial recursive function ip{x, y), 
each individual <p{n, y) is partial recursive (substitute the constant n function 
for x), but this does not yet show that the index of Xy-(p{x, y) is in a systematic, 
uniform way computable from the index of Lp and x. By the S'™ theorem, we 
know that the index of {e\{x, y, z), considered as a function of, say, z depends 
primitive recursively on x and y: {h(x,y)}{z) = {e}{x,y, z). We will see a 
number of applications of the S™ theorem. 

Next we will prove a powerful theorem about partial recursive functions, 
that allows us to introduce partial recursive functions by inductive definitions, 
or by implicit definitions. Partial recursive functions can by this theorem be 
given as solutions of certain equations. 

Example r \ f ^ if n is a prime, or 0, or 1 

^ ( ip(2n -I- 1) -I- 1 otherwise. 

Then (^(0) = ip{\) = <p{2) = (^(3) = 0, ^p{A) = <^(9) -k 1 = <^>(19) -k 2 = 2, 
:/j(5) = 0, and , e.g. :/3(85) = 6. Prima facie, we cannot say much about such 
a sequence. The following theorem of Kleene shows that we can always find a 
partial recursive solution to such an equation for ip. 

Theorem 7.2.5 (The Recursion Theorem) There exists a primitive re- 
cursive function rc such that for each e and x {rc(e)}(al) = {e}(rc(e), af). 

Let us note first that the theorem indeed gives the solution r of the fol- 
lowing equation: {r}(af) = {e}{r,x). Indeed the solution depends primitive 
recursively on the given index e: {/(e)}(a;) = {e}(/(e), a;). If we are not inter- 
ested in the (primitive recursive) dependence of the index of the solution on 
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the old index, we may even be content with the solution of {/}(a;) = {e}(/, x). 



Proof. Let ip{rn, e, x) = {e}{Sf_^_ 2 (rn, to, e),x) and let p be an index of ip. Put 
rc(e) = Sl_^_ 2 {p,p,e), then 



{rc(e)}(f) = {Sf_^_ 2 (p,p,e)}{x) = {p}{p,e,x) = p{p,e,x) 
= {e}('S'^+ 2 (P>P:e),f) = {e}(rc(e),x). 



As a special case we get the 



□ 



Corollary 7.2.6 For each e there exists an n such that {n}(a?) = {e}(n, a?). 

Corollary 7.2.7 If {e} is primitive recursive, then the solution of the equa- 
tion {/(e)}(af) = {e}(/(e),a;) given by the recursion theorem is also primitive 
recursive. 



Proof. Immediate from the explicit definition of the function rc. □ 



We will give a number of examples as soon as we have shown that we can 
obtain all primitive recursive functions. For then we have an ample stock of 
functions to experiment on. First we have to prove some more theorems. 

The partial recursive functions are closed under a general form of min- 
imalization, sometimes called unbounded search, which for a given recursive 
function f{y,x) and arguments x runs through the values of y and looks for 
the first one that makes f{y,x) equal to zero. 

Theorem 7.2.8 Let f be a recursive function, then p{x) = py[f(jj,x) = 0] 
is partial recursive. 



Proof. The idea is to compute consecutively f{0,x),f{l,x),f{2,x),... until 
we find a value 0. This need not happen at all, but if it does, we will get 
to it. While we are computing these values, we keep count of the number of 
steps. This is taken care of by a recursive function. So we want a function 
with index e, operating on y and x, that does the job for us, i.e. a ip that 
after computing a positive value for f{y,x) moves on to the next input y and 
adds a 1 to the counter. Since we have hardly any arithmetical tools at the 
moment, the construction is rather roundabout and artificial. 

In the table below we compute f{y,x) step by step (the outputs are in the 
third row), and in the last row we compute ip{y,x) backwards , as it were. 



y 


0 


1 


2 


3 




k-1 


k 


f{y,x) 


/(0,s) 






f{5,x) 




f{k- l,x) 


f{k,x) 




2 


7 


6 


12 




3 


0 


ip{y,x) 


k 


k-1 


k-2 


k-3 




1 


0 



ip{0,x) is the required k. The instruction for ip is simple: 
rli/; } ^ + 1, x) + 1 else 
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In order to find an index for ip, put ip{y,x) = {e}{y,x) and look for a value 
for e. We introduce two auxiliary functions ipi and ip 2 with indices b and c such 
that ipi{e, y,x) = 0 and V' 2 (e, y, x) = ip{y + 1, £) + 1 = {e}{y + 1, a;) + 1. The 
index c follows easily by applying and the S'^-theorem. If f{y,x) = 0 

then we consider ipi, if not, ip 2 - Now we introduce, by clause R4, a new function 
Xo which computes an index: 



Xo(e,2/,f) 



b if f{y,x) = 0 
c else 



and we put x(e,?/,af) = {xo{e,y , x)}{e,y , x) . The recursion theorem provides 
us with an index Cq such that x(eo,y,s) = {eo}{y,x). 

We claim that {eo}(0,a;) yields the desired value k, if it exists at all, i.e. 
eo is the index of the ip we were looking for, and ip{x) = {e}{o,x). 

If f{y,x) yf 0 then x{eo,y,x) = {c}{eo,y,x) = ip 2 {eo,y,x) = ip{y + l,x) + 1, 
and if f {y, x) = 0 then x(eo, y, x) = {6}(eo, y, x) = 0. 

If, on the other hand, k is the first value y such that f{y,x) = 0, then 
•0(0, x) = 0(1, x) + l = 0(2, x) + 2 = ■■■ = 0(yo, x) + ya = k. □ 



Note that the given function need not be recursive, and that the above 
argument also works for partial recursive /. We then have to reformulate 
k-y[f{x,y) = 0] as the y such that f{y,x) = 0 and for all z < y f{z,x) is 
defined and positive. 

Lemma 7.2.9 The predecessor is recursive. 

Proof. Define 

• j^_f0ifa: = 0 

\ Tv[y + 1 = a;] else 

where fiy[y + 1 = x] = y.y[f{y, x) = 0] with 



f{y,x) 



0 if y + 1 = a: 

1 else 



□ 



Theorem 7.2.10 The recursive functions are closed under primitive recur- 
sion. 



Proof. Let g and h be recursive, and let / be given by 

f /(0,f) = g{x) 

\f{y + ^,x) = h{f{y,x),x,y). 

We rewrite the schema as 

/ 9(x) if y = 0 

^ h(/(y — 1, x), X, y — 1) otherwise. 



On the right hand side we have a definition by cases. So, it defines a partial 
recursive function with index, say, a of y, x and the index e of the function 



7.2 Partial Recursive Functions 



225 



/ we are looking for. This yields an equation {e\{y,x) = {a}(y, x, e). By the 
recursion theorem the equation has a solution cq. And an easy induction on 
y shows that {cq} is total, so / is a recursive function. □ 

We now get the obligatory 

Corollary 7.2.11 All primitive recursive functions are recursive. 

Now that we have recovered the primitive recursive functions, we can get 
lots of partial recursive functions. 

Examples 

1. define (p{x) = {e}{x) + {f}{x), then by 7.2.11 and R5 ip is partial recur- 
sive and we would like to express the index of as a function of e and /. 
Consider 'ip{e,f,x) = {e}{x) + {/}(a;). if is partial recursive, so it has an 
index n, i.e. {n}{e,f,x) = {e}{x) + {f}{x). By the Sff theorem there is 
a primitive recursive function h such that {n}{e, f,x) = {h(n, e, /)}(x). 
Therefore, g{e, f) = h{n,e, f) is the required function. 

2. There is a partial recursive function (p such that ip{n) = {ip{n -|- 1) -|- 1)^: 
Consider { 2 }(n) = {e}{z,n) = ({z}(n-|-l)-|-l)^. By the recursion theorem 
there is a solution rc(e) for z, hence ip exists. A simple argument shows 
that ip cannot be defined for any n, so the solution is the empty function 
(the machine that never gives an output). 

3. The Ackermann function, see [Smorynski 1991], p.70 . Consider the fol- 
lowing sequence of functions. 

ipoim, n) = n + m 
ipi{m, n) = n ■ m 
ip 2 (jn, n) = n"* 

r ipk+i{Q,n) = n 

\ ifk+iijn -I- l,n) = ipk{ipk+iijn,n),n) [k > 2) 

This sequence consists of faster and faster growing functions. We can lump 
all those functions together in one function 

ip{k,m,n) = ipk{m,n). 

The above equations can be summarised 

</9(0, m,n) = n + m 

r 0 if fc = 0 

< ip{k -I- 1, 0, n) = < 1 if fc = 1 
[ n else 

^ ip(k + l,m + l,n) = ip{k, ip{k + 1, to, n),n). 
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Note that the second equation has to distinguish cases according to the 
(/5fc+i being the multiplication, exponentiation, or the general case {k > 2). 
Using the fact that all primitive recursive functions are recursive, we 
rewrite the three cases into one equation of the form {e}(fc,m,n) = 
/(e, k, TO, n) for a suitable recursive / (exercise 3). Hence, by the recursion 
theorem there exists a recursive function with index e that satisfies the 
equations above. Ackermann has shown that the function f(n, n, n) grows 
eventually faster than any primitive recursive function. 

4. The recursion theorem can also be used for inductive definitions of sets 
or relations; this is seen by changing over to characteristic functions, e.g. 
suppose we want a relation i?(x, y) such that 

R{x, y)^{x = 0Ay^0)V{x^0Ay^0)A R{x — l,y — 1)). 

Then we write 

Kr{x, y) = sg(sg(a;) • sg(y) + sg(a;) • sg{y) ■ Kr{x - 1, y - 1)), 
so there is an e such that 

KR{x,y) = {€}{Kr{x -l,y - l),x,y). 

Now suppose Kr has index z then we have 

{z}{x,y) = {e'}{z,x,y). 

The solution {n} as provided by the recursion theorem is the required 
characteristic function. One immediately sees that R is the relation ‘less 
than’. Therefore {n} is total, and hence recursive; this shows that R is 
also recursive. Note that by the remark following the recursion theorem we 
even get the primitive recursiveness of R. 

The following fundamental theorem is extremely useful for many appli- 
cations. Its theoretical importance is that it shows that all partial recursive 
functions can be obtained from a primitive recursive relation by one minimal- 
ization. 

So minimalization is the missing link between primitive recursive and (par- 
tial) recursive. 



Theorem 7.2.12 (Normal Form Theorem). There is a primitive recursive 
predicate T such that {e}{x) = ((yz)T(e, {x),z))i. 

Proof. Our heuristics for partial recursive functions was based on the machine 
metaphor: think of an abstract machine with actions prescribed by the clauses 
R1 through R7. By retracing the index e of such a machine, we more or less 
give a computation procedure. It now is a clerical task to specify all the steps 
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involved in such a ‘computation’. Once we have accomplished this, we have 
made our notion of ‘computation’ precise, and from the form of the specifica- 
tion, we can immediately conclude that “c is the code of a computation” is 
indeed primitive recursive. We look for a predicate T(e,u,z) that formalizes 
the heuristic statement ‘z is a (coded) computation that is performed by a 
partial recursive function with index e on input u’ (i.e. (x)). The ‘compu- 
tation’ has been arranged in such a way that the first projection of z is its 
output. 

The proof is a matter of clerical perseverance — not difficult, but not excit- 
ing either. For the reader it is better to work out a few cases by himself and 
to leave the rest, than to spell out the following details. 

First two examples. 

(1) The successor function applied to (1,2,3): 

S'f(l,2,3) = 2 -I- 1 = 3. Warning, here Sf is used for the successor function 
operating on the second item of the input string of length 3. The notation 
only used here. 

The index is e = (2, 3, 1), the input is m = (1, 2, 3), and the step is the direct 
computation 2; = (3, (1, 2, 3), (2, 3, 1)) = (3, m, e) 

(2) The composition of projection and constant functions. 

P|(C2(7,0),5,1) = 1. 

By R5 the input of this function has to be a string of numbers, so we have 
to introduce a suitable input. The simplest solution is to use (7,0) as in- 
put and manufacture the remaining 5 and 1 out of them. So let us put 
P|(C2(7, 0), 5, 1) = P|(C2(7, 0), C|(7, 0), C?(7, 0)). 

In order to keep the notation readable, we will use variables instead of the 
numerical inputs. 

‘p(yo,yi) = -Ff (Co (yo,yi), <^1(2/0, yi),C'?(yo, 2/1)) = C|(C^(?/o,yi),a:i,a;2). 

Let us first write down the data for the component functions: 





index 


input 


step 




(0,2,0) = eo 


(yo,2/i) = n 


0 

II 


cl 


(0,2,a;i) = ei 


{yo,yi) = u 


(xi,M,ei) = zi 




(0,2,X2) = 62 


{yo,yi) = u 


(x 2 ,M, 62 ) = Z2 


p6 
^ 2 


(1,3,2) = 63 


( 0 ,a;i,a; 2 ) = u' 


CO 

b) 

II 



Now for the composition: 





index 


input 


step 


f{yo,yi) 


(4, 2, 63 , 6 o, 6 i, 62 ) 


= e 


{yo,yi) = u 


{X2, (yo, yi), 6, 23, {zo, Zi,Z2)) = z 



As we see in this example, ‘step’ means the last step in the chain of steps 
that leads to the output. Now for an actual computation on numerical inputs, 
all one has to do is to replace yo, yi,xi,X2 by numbers and write out the data 
for ip{yo,yi). 
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We have tried to arrange the proof in a readable manner by providing a 
running commentary. 

The ingredients for, and conditions on, computations are displayed below. 
The index contains the information given in the clauses Ri. The computation 
codes the following items: 

(1) the output (3) the index 

(2) the input (4) subcomputations. 

Note that 2 in the table below is the ‘master number’, i.e. we can read 
off the remaining data from z, e.g. e = ( 2 ) 2 , Ith(u) = (e)i = (^) 2 .i, and 
the output (if any) of the computation, (z)q. In particular we can extract 
the ‘master numbers’ of the subcomputations. So, by decoding the code for a 
computation, we can effectively find the codes for the subcomputations, etc. 
This suggests a primitive recursive algorithm for the extraction of the total 
‘history’ of a computation from its code. As a matter of fact, that is essentially 
the content of the normal form theorem. 





Index 


Input 


Step 


Conditions on 
Subcomputations 




e 


u 


z 




Rl 


{0,n,q) 


(x) 


{q,u,e) 




R2 




(x) 


(xi,u,e) 




R3 


{2,n,i} 


(x) 


{xi + l,w, e) 




R4 


(3, n + 4) 


{p, q, r, s, X) 


(p, u,e) if r = s 
{q, u, e) if r / s 




R5 


(4, n, 6, co,...,Cfc_i) 


(f) 


({z')o,u,e,z', 


z',z'o, ■ ■ ■ ,4'-i are 
computations with 
indices 6, co, . . . , Ck-i- 
z' has input 

((z^')o,...,(4'-i)o). 


R6 


(5,n + 2) 


ip, q, x) 


(s,u,e) 


(cf. 7.2.4) 


R7 


(6, n + 1) 


{b,x} 


{{z')o,u,e,z') 


z' is a computation 
with input (i) 
and index b. 



We will now proceed in a (slightly) more formal manner, by defining a 
predicate C(z) (for z is a computation), using the information of the preceding 
table. For convenience, we assume that in the clauses below, sequences u (in 
Seq{u)) have positive length. 

C(z) is defined by cases as follows: 
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C{z) 



3g, u,e < z[z = {q, u, e) A Seq(u) A e = (0, Ith(M), q)] (1) 

or 

3u, e, i < «[« = {{u)i,u, e) A Seq(u) A e = (1, Ith(u), i)] (2) 

or 

3u, e,i < z[z = ({u)i + 1, u, e) A Seq(u) A e = (2, Ith(u), i)] (3) 

or 

3u, e < z[Seq(M) A e = (3, Itli(u)) A Ith(u) > 4 A ([2 = ((u)o, u, e)A 
A(m )2 = (m) 3 ] V [2 = ((u)i,M, e) A {u) 2 neq{u) 3 \)] (4) 



Seq( 2 ) A lth( 2 ) = 5 A Seq(( 2 ) 2 ) A Seq(( 2 ) 4 ) A lth(( 2 ) 2 ) = 

= 3 + lth{{z)i) A ( 2 ) 2,0 = 4 A C(( 2 ) 3 ) a ( 2 ) 3,0 = ( 2)0 A ( 2 ) 3,1 = 





(( 2 ) 4 . 0 , 0 , . . 


■ ! (■^)4,lth((z)4),o) A (2 


03,2 = ( 2 ) 2 , 2 A 






> 

> 

T 


[C((2)4,i) A (2)4,i,2 = 


= ( 2 ) 0 , 2 +* A ( 2 ) 4 ,+! 


= (^)il 


(5) 


(, u 


A 

II 


{s, u, e) A Seq(n) A e 


= (5, lth(u))A 






s - 


= (4, (m)o,i 


— 1, (m)o, (0, (m)o,i — 


b (w)i), (1, (u)o,i - 


-1,0),... 






, (1, (m)o,i 


^l,(e)i^2))], 






(6) 


L, e 


, w < 2 [Seq(u) A e = (6, lth(j/)) 


0 

II 

< 


0 A C{w)A 




A( 


w)2 = (u)o 


A (w)i = ((m)i,..., 


('^)lth(it) — 1 )] 




(7) 



We observe that the predicate C occurs at the right hand side only for 
smaller arguments, furthermore all operations involved in this definition of 
C(z) are primitive recursive. We now apply the recursion theorem, as in the 
example on page 4, and conclude that C{z) is primitive recursive. 

Now we put T{e,x,z) := C{z) A e = ( 2)2 A (x) = ( 2 ) 1 . So the pred- 
icate T{e,x,z) formalizes the statement ‘2 is the computation of the par- 
tial recursive function (machine) with index e operating on input {x)’. The 
output of the computation, if it exists, is U{z) = ( 2 ) 0 ; hence we have 
{e}(f) = {fizT{e,x,z))o 

For applications the precise structure of T is not important, it is good 
enough to know that it is primitive recursive. □ 

Exercises 

1. Show that the empty function (that is the function that diverges for all 
inputs) is partial recursive. Indicate an index for the empty function. 

2. Show that each partial recursive function has infinitely many indices. 

3. Carry out the conversion of the three equations of the Ackermann function 
into one function, see p.225. 
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7.3 Recursively enumerable sets 

If a set A has a recursive characteristic function, then this function acts as 
an effective test for membership. We can decide which elements are in A and 
which not. Decidable sets, convenient as they are, demand too much; it is 
usually not necessary to decide what is in a set, as long as we can generate it 
effectively. Equivalently, as we shall see, it is good enough to have an abstract 
machine that only accepts elements, and does not reject them. If you feed it 
an element, it may eventually show a green light of acceptance, but there is 
no red light for rejection. 



Definition 7.3.1 7. A set (relation) is (recursively) decidable if it is recur- 

sive. 

2. A set is recursively enumerable (RE) if it is the domain of a partial re- 
cursive function. 

3. = {£ G N^|3y({e}(af) = y}, i.e. the domain of the partial recursive 
function {e}. We call e the RE index of . If no confusion arises we 
will delete the superscript. 

Notation: we write (fix) I (resp. (fix) t) for ‘p{x) converges (resp. (fi{x) di- 
verges). 

It is good heuristics to think of RE sets as being accepted by machines, 
e.g. if Ai is accepted by machine Mi(i = 0, 1), then we make a new machine 
that simulates Mq and Mi simultaneously, e.g. you feed Mq and Mi an input, 
and carry out the computation alternatingly - one step for Mq and then one 
step for Ml, and so n is accepted by M if it is accepted by Mq or Mi. Hence 
the union of two RE sets is also RE. 



Example 7.3.2 7. N = the domain of the constant 1 function. 

2. % = the domain of the empty function. This function is partial recursive, 
as we have already seen. 

3. Every recursive set is RE. Let A be recursive, put 

tp{x) = p.y[KA{x) =yAy^0] 



Then Dom{tjj) = A. 

The recursively enumerable sets derive their importance from the fact that 
they are effectively given, in the precise sense of the following theorem. Fur- 
thermore it is the case that the majority of important relations (sets) in logic 
are RE. For example the set of (codes of) provable sentences of arithmetic or 
predicate logic is RE. The RE sets represent the first step beyond the decid- 
able sets, as we will show below. 
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Theorem 7.3.3 The following statements are equivalent, {A C N).' 

1. A = Dom(ip) for some partial recursive ip, 

2. A = Ran(ip) for some partial recursive ip, 

3. A = {x\3y R{x , y)} for some recursive R. 

Proof. (1) => (2). Define tp{x) = a;-sg((/ 9 (a;)+l). If a; S Dom((/j), then if{x) = x, 
so X £ Ran( 7 /i), and if a; S Ran(i/'), then (p{x) so a; € Dom((/ 5 ). 

(2) => (3) Let A = Ran((/j), with { 5 } = then 

a; e A 3w[T{g, {w)q, {w)i) A x = (w)i,q]. 

The relation in the scope of the quantifier is recursive. 

Note that w ‘simulates’ a pair: first co-ordinate — input, second co-ordinate — 
computation, all in the sense of the normal form theorem. 

(3) ^ (1) Define ip{x) = pyR{x, y). (pis partial recursive and Dom{(p) = A. 

Observe that (1) (3) also holds for A C N^. □ 

Since we have defined recursive sets by means of characteristic functions, 
and since we have established closure under primitive recursion, we can copy 
all the closure properties of primitive recursive sets (and relations) for the 
recursive sets (and relations). 

Next we list a number of closure properties of RE-sets. We will write sets 
and relations also as predicates, when that turns out to be convenient. 



Theorem 7.3.4 1. If A and B are RE, then so are AU B and An B 

2. If R{x, y) is RE, then so is 3xR{x, y) 

3. If R{x,y) is RE and p partial recursive, then R{p{y,z),y) is RE 
4- If R{x,y) is RE, then so are \/x < zR{x,y) and 3a; < zR{x,y). 

Proof. (1) There are recursive R and S such that 
Ay 3xR{x,^, 

By 3xS{x, y). 

Then Ay A By 3 a;ia; 2 (i?(a;i, ^ A S{x 2 ,y)) 

<t4> 3z{R{lz)o, y) A S{{z)i,y)). 

The relation in the scope of the quantifier is recursive, so A n R is RE. A 
similar argument establishes the recursive enumerability of A U R. The trick 
of replacing x\ and X 2 by (z)o and ( 2)1 and 3 a;ia ;2 by 3z is called contraction 
of quantifiers. 

(2) Let R{x,y) 325(2, a;, 2 ^ for a recursive S, then 3xR{x,y) <tA 
3a;325(2, a;, y) AA 3uS{{u)o, (u)i,y). So the projection 3xR{x,y) of R is RE. 
Geometrically speaking, 3xR{x,y) is indeed a projection. Consider the two- 
dimensional case. 
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The vertical projection S' of i? is given by Sx 3yR{x, y). 

(3) Let R be the domain of a partial recursive tp, then R{(p{y,z),y) is the 
domain of ip{(p{y, z),y). 

(4) Left to the reader. □ 

Theorem 7.3.5 The graph of a partial function is RE iff the function is 
partial recursive. 

Proof. G = {{x,y)\y = {e}(a;)} is the graph of {e}. Now (x,y) G G 
3z(r(e, (a;), z) Ay = (z)o), so G is RE. 

Conversely, if G is RE, then G(x, y) 3zR{x, y, z) for some recursive R. 
Hence <p{x) = {p,wR{x, {w)o, (w)i))o, so (p is partial recursive. □ 

We can also characterize recursive sets in terms of RE-sets. Suppose both 
A and its complement are RE, then (heuristically) we have two machines 
enumerating A and A'^. Now the test for membership of A is simple: turn 
both machines on and wait for n to turn up as output of the first or second 
machine. This must necessarily occur in finitely many steps since n G H or 
n G (principle of the excluded third!). Hence, we have an effective test. We 
formalize the above: 

Theorem 7.3.6 A is recursive A and A‘^ are RE. 

Proof. is trivial: A(af) 3yA(x), where y is a dummy variable. Similarly 
for A‘^. 

Let A{x)) 3yR{x,y),^A{x) 3zS{v,z). Since yx{A{x) V ^A(af)), we 

have \/x3y{R{x,y) V S{x,y)), so f{x) = py[R{x,y) V S{x,y)] is recursive and 
if we plug the y that we found in R{x, y), then we know that if R{x, f{x)) is 
true, the x belongs to A. So A{x) AA R{x, f{x)), i.e. A is recursive. □ 

For partial recursive functions we have a strong form of definition by cases: 

Theorem 7.3.7 Let ipi, . . . be partial recursive, Rq, . . . , Rk-i mutually 
disjoint RE-relations, then the following function is partial recursive: 

' tpo{x) if Rq{x) 
ipi{x) if Ri{x) 



ipk-iix) if Rk-i{x) 
t else 

V ' 



ip{x) = < 
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Proof. We consider the graph of the function ip. 

G{x,y) ^ {Rq{x) Ay = tpi{x)) V • • • V {Rk-i{x) Ay = tj;k-i{x)). 

By the properties of RE-sets, G{x, y) is RE and, hence, p{x) is partial recur- 
sive. (Note that the last case in the definition of p is just a bit of decoration). □ 

Now we can show the existence of undecidable RE sets. 



(1) (The Halting Problem (Turing)) 

Consider K = {x\3zT{x,x,z)}. K is the projection of a recursive relation, so 
it is RE. Suppose that is also RE, then x S AA 3zT{e,x,z) for some 
index e. Now e G K ^ 3zT{e, e, z) AA e G K'^. Contradiction. Hence K is not 
recursive by theorem 7.3.6. This tells us that there are recursively enumerable 
sets which are not recursive. In other words, the fact that one can effectively 
enumerate a set, does not guarantee that it is decidable. 

The decision problem for K is called the halting problem, because it can be 
paraphrased as ‘decide if the machine with index x performs a computation 
that halts after a finite number of steps when presented with x as input. Note 
that it is ipso facto undecidable if ‘the machine with index x eventually halts 
on input y\ 

It is a characteristic feature of decision problems in recursion theory, that they 
concern tests for inputs out of some domain. It does not make sense to ask 
for a decision procedure for, say, the Riemann hypothesis, since there trivially 
is a recursive function / that tests the problem in the sense that /(O) = 0 
if the Riemann hypothesis holds and /(O) = 1 if the Riemann hypothesis is 
false. Namely, consider the functions /o and /i, which are the constant 0 and 
1 functions respectively. Now logic tells us that one of the two is the required 
function (this is the law of the excluded middle), unfortunately we do not 
know which function it is. So for single problems (i.e. problems without a 
parameter), it does not make sense in the framework of recursion theory to 
discuss decidability. As we have seen, intuitionistic logic sees this ‘pathological 
example’ in a different light. 

(2) It is not decidable if {a;} is a total function. 

Suppose it were decidable, then we would have a recursive function / such 
that f{x) = 0 {a;} is total. Now consider 



By the Sff theorem there is a recursive h such that {h{x)}{y) = p{x,y). Now 
{h{x)} is total ^ X G K, so f{h{x)) = 0 AA x G K, i.e. we have a recur- 
sive characteristic function sg(/(ft.(a;))) for K. Contradiction. Hence such an 
/ does not exist, that is {a;|{a;} is total} is not recursive. 



Examples 
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(3) The problem ‘We is finite’ is not recursively solvable. 

In words, ‘it is not decidable whether a recursively enumerable set is finite’. 
Suppose that there was a recursive function / such that /(e) = 0 We is fi- 
nite. Consider the h{x) defined in example (2). Clearly Wh(^^) = Dom{/i(a;)} = 
0 <t4> a; ^ if , and Wh{x) is infinite for x G K. = 0 <t4> a; ^ if , and hence 

sg{f{h{x))) is a recursive characteristic function for if. Contradiction. 

Note that a; € if {a;}a; so we can reformulate the above solutions as 
follows: in (2) take <f{x,y) = 0 • {a;}(a:) and in (3) (fi{x,y) = {a;}(a:). 

(4) The equality of RE sets is undecidable. 

That is, {{x,y)\Wx = Wy} is not recursive. We reduce the problem to the 
solution of (3) by choosing Wy = 0. 

(5) It is not decidable if We is recursive. 

Put if{x,y) = {a;}(x) • {y}{y), then ip{x,y) = {h{x)}{y) for a certain recursive 
h, and 

T. \x \KHxGK 

Dom{Mx)} = |0 otherwise. 

Suppose there were a recursive function / such that f{x) = 0 <t4> Wx is 
recursive, then f{h{x)) = 0 <t4> a; ^ if and, hence, if would be recursive. 
Contradiction. 

There are several more techniques for establishing undecidability. We will 
treat here the method of inseparability. 



Definition 7.3.8 Two disjoint RE-setsWm andWn are recursively separable 
if there is a recursive set A such that Wn C A and Wm C A’^ . Disjoint sets 
A and B are effectively inseparable if there is a partial recursive (p such that 
for every to, n with A C Wm, B C Wm Wm C Wn = % we have 7>(to, n) | and 
tp(m,n) ^ Wm U Wn- 




We immediately see that effectively inseparable RE sets are recursively 
inseparable, i.e. not recursively separable. 
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Theorem 7.3.9 There exist effectively inseparable RE sets. 

Proof. Define A = {a;|{a;}(a;) = 0},B = {x\{x}{x) = 1}. Clearly An B = $ 
and both sets are RE. 

Let Wm n Wn = 0 and A C Wm,B C Wn. To define tp we start testing 
X G Wm or X G Wn] if we first find x G Wm, we put an auxiliary function a{x) 
equal to 1, if a; turns up first in Wn then we put o'(x) =0. 

Formally 

r 1 if 3z{T{m, x, z) and Vy < z^T{n, x, y)) 
a{m, n, a;) = < 0 if 3z{T{n, x, z) and Vy < z—T{m^ x, y)) 

[ t else. 

By the 5^ theorem {h(m,n)}{x) = a{m,n,x) for some recursive h. 

h{m, n) G Wm h{m, n) ^ Wn. So 3z(T(m, h{m, n), z) A 
Vy < z^T{n,h{m,n),y)) 

^ a{m^n,h{m,n)) = 1 {h{m,n)}{h{m,n)) = 1 

^ h{m,n) G B ^ h{m,n) G Wn. 

Contradiction. Hence h{m,n) ^ Wm- Similarly h{m,n) ^ Wn. Thus h is the 
required (p. □ 



Definition 7.3.10 A subset A o/N is productive if there is a partial recursive 
function ip, such that for each Wn Q A, p(n) J, and p(n) G A — Wn. 



L 




'A 

J 



The theorem above gives us the following 
Corollary 7.3.11 There are productive sets. 

Proof. The set A'^ defined in the above proof is productive. Let Wk C A'^. 
Put Wi = Bn Wk = Wn U Wk = Wh(n,k) for a suitable recursive function h. 
Now apply the separating function from the proof of the preceding theorem 

to A = Wm avadWh(n,k)Y- p{m,h{n,k)) G A<^ - Wm- □ 

Productive sets are in a strong sense not RE: no matter how one tries to 
fit an RE set into them, one can uniformly and effectively indicate a point 
that is missed by this RE set. 
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Exercises 

1. The projection of an RE set is RE, i.e. if i?(x, y) is RE then so is 3yR{x, y). 

2. (i) If A is enumerated by a strictly monotone function, then A is recursive, 
(ii) If A is infinite and recursive, then A is enumerated by a strictly in- 
creasing recursive function, (iii) An infinite RE set contains an infinite 
recursive subset. 

3. Every non-empty RE set is enumerated by a total recursive function. 

4. If A is an RE set and / a partially recursive function, then f~^{A){= 
{x\f{x) G A}) and f{A) are RE. 

5. Show that the following are not recursive 

(i) {{x,y)\W, = Wy} 

(ii) {siWa; is recursive} 

(hi) {a;|0 G Woo} 



7.4 Some arithmetic 

In the section on recursive functions we have been working in the standard 
model of arithmetic; as we are now dealing with provability in arithmetic we 
have to avoid semantical arguments, and to rely solely on derivations inside 
the formal system of arithmetic. The generally accepted theory for arithmetic 
goes back to Peano, and thus we speak of Peano arithmetic, PA (cf. 2.7) 

A major issue in the late 1920s was the completeness of PA. Godel put 
an end to prevailing high hopes of the day by showing that PA is incomplete 
(1931). In order to carry out the necessary steps for Godel’s proof, we have 
to prove a number of theorems in PA. Most of these facts can be found in 
texts on number theory, or on the foundation of arithmetic. We will leave a 
considerable number of proofs to the reader. Most of the time one has to apply 
a suitable form of induction. Important as the actual proofs are, the heart of 
Godel’s argument lies in his ingenious incorporation of recursion theoretic 
arguments inside PA. 

One of the obvious stumbling blocks for a straightforward imitation of ‘self- 
reference’ is the apparent poverty of the language of PA. It does not allow us 
to speak of, e.g., a finite string of numbers. Once we have exponentiation we 
can simply code finite sequences of numbers. Godel showed that one can indeed 
define the exponential (and much more) at the cost of some extra arithmetic, 
yielding his famous /3-function. In 1971 Matiyashevich showed by other means 
that the exponential is definable in PA, thus enabling us to handle coding of 
sequences in PA directly. Peano arithmetic plus exponentiation is prima facie 
stronger than PA, but the above mentioned results show that exponentiation 
can be eliminated. Let us call the extended system PA; no confusion will 
arise. 

We repeat the axioms: 

- Va:(^(a:) ^ 0), 
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- yxy{S{x) = S{y) ^ x = y), 

- yx{x + 0 = x), 

- yxy{x + S{y) = S{x + y)), 

- Vx(x -0 = 0), 

- \/xy{x ■ S{y) = x-y + x), 

- Vx(x° = 1), 

- \/xy{x^y = x^ ■ x), 

- (/j(0) A Vx(</?(x) ^ ip{S{x))) Vx<p(x). 

Since h 1 = S'(O), we will use both S'(x) and x + 1, whichever is convenient. 
We will also use the usual abbreviations. In order to simplify the notation, 
we will tacitly drop the ‘PA’ in front of ‘h’ whenever possible. As another 
harmless simplification of notation we will often simply write n for n when no 
confusion arises. 

In the following we will give a number of theorems of PA; in order to 
improve the readability, we will drop the universal quantifiers preceding the 
formulas. The reader should always think of ‘the universal closure of . . . ’. 

Furthermore we will use the standard abbreviations of algebra, i.e. leave 
out the multiplication dot, superfluous brackets, etc., when no confusion arises. 
We will also write ‘n’ instead of ‘77’. 

The basic operations satisfy the well-known laws: 

Lemma 7.4.1 . Addition and multiplication are associative and commuta- 
tive, and ■ distributes over +. 

(i) \- {x y) z = X {y z) 

(ii) \-x-\-y = y-\-x 
(Hi) h x{yz) = {xy)z 
{iv) \- xy = yx 

{v) h x(y z) = xy xz 
(vi) h x^+^ = x^x^ 

(vH) h {x^y = x'^^ 

1 . Routine. □ 

Lemma 7.4.2 (i) h x = 0 V 3y(x = Sy) 

(ii) \-x-\-z = y-\-z^x = y 
(Hi) h z fy 0 — > (xz = yz ^ X = y) 

(iv) h X fy 0 — > (x^ = x^ ^ y = z) 

(v) h y fy 0 — *■ (x^ = z^ ^ X = z) 

Proof. Routine. □ 

A number of useful facts is listed in the exercises. 

Although the language of PA is modest, many of the usual relations and 
functions can be defined. The ordering is an important example. 
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Definition 7.4.3 x < y := 3z{x + Sz = y) 



We will use the following abbreviations: 



x < y < z stands for x < y Ay < z 


Va; < y(fi{x) 


, , Va;(a; <y^ (p{x) 


3a; < y(fi{x) 


,, 3x{x<yAip{x) 


x>y 


,, y <x 


x<y 


,, X < yV X = y. 


Theorem 7.4.4 (i) 


1 — <x < X 


(n) 


\-x<yAy<z—>-x<z 


(Hi) 


\~x<yVx = yVy<x 


(w) 


0 = x\/ 0 < X 


(v) 


\~x<y^Sx = y\J Sx < y 


(vi) 


h a; < Sx 


(vii) 


1 — 'X < y A y < Sx 


(via) 


\~x<Sy^{x = y\/x<y) 


(ix) 


\-x<y^x-\-z<y-\-z 


(x) 


\-z^0—>-{x<y^xz< yz) 


(xi) 


\- X ^ Q ^ < y < z ^ x^ < : 


(xii) 


\~z^Q^{x<y^x’^< y^) 


(xiii) 


\- X < y ^ Sx < Sy 



Proof: routine. □ 

Quantification with an explicit bound can be replaced by a repeated dis- 
junction or conjunction. 

Theorem 7.4.5 h Va; < n<f{x) <-> (^(0) A ... A ip{n — 1), {n > 0), 
h 3a; < nip{x) <-> (^(0) V ... V (p{n — 1), (n > 0) 

Proof. Induction on n. □ 

Theorem 7.4.6 (i) well-founded induction 

h Va;(Vy < x ip{y) p{x)) — > 'ixLpfx) 

(ii) least number principle (LNP) 

h 3xip{x) 3x{(p{x) A Vy < x^(f{y))) 

Proof: (i) Let us put tp{x) := Vy < x<p{y). We assume 'ix{'if{x) and 

proceed to apply induction on if{x). 

Clearly h 

So let by induction hypothesis if{x). 

Now if{Sx) [Vy < SxLp{y)] [Vj/((j/ = xV y < x) ^ <7’(?/))] ^ 

[Vy((?/ = x^ </?(?/)) A{y <x^ 7>(y)))] ^ A{y <x^ 7’(y)))] ^ 

[:p{x) A Vy < x:p{y)] ^ [p{x) A ip{x)] 

Now if{x) was given and il}{x) — > :p{x). Hence we get ip^Sx). This shows 
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\/xtp{x), and thus we derive \/xip{x). 

(ii) Consider the contraposition and reduce it to (i). □ 

In our further considerations the following notions play a role. 

Definition 7.4.7 (i) Divisibility 

x\y := 3z{xz = y) 

(ii) Cut- ojf subtraction. 

z = y — x:={x<yAx-\-z = y)\/{y<xAz = 0) 

(Hi) Remainder after division. 

z = rem{x, y) := {x ^ 0 A 3u{y = ux z) A z < x) \/ {x = 0 A z = y) 
(Hi) X is prime. 

Prime{x) \= x > \ A \/yz{x = yz ^ y = xV y = 1) 

The right hand sides of (ii) and (iii) indeed determine functions, as shown in 



Lemma 7.4.8 (i) h \/xy3\z{{x < y A z -\- x = y)y {y < x A z = 0)) 

(ii) h \/xy3\z{{x ^ 0 A 3u{y = ux z) A z < y)y [x = 0 A z = 0)). 

Proof. In both cases induction on y. □ 

There is another characterization of the prime numbers. 



Lemma 7.4.9 (i) h Prime{x) ^ x > I A Vy(y|x ^y = l'dy = x) 
(ii) h Prime{x) ^ x > 1 A \/yz{x\yz x\y V x\z) 



Proof (i) is a mere reformulation of the definition. 

(ii) ^ is a bit tricky. We introduce a bound on the product yz, and do wf- 
induction on the bound. Put (p{w) = 'iyz < w{x\yz — > x\y V x\z). We now 
show < w(fi{v) — >■ ip{w)) 

Let \/v < w(fi{v) and assume i.e. there are y,z < w such that 

x\yz, -■ x\y, -■ x\z We will ‘lower’ the y such that the w is also lowered. Since 
-> x\y,^ x\z^ we have z yf 0. Should y > x, then we may replace it by y = 
rem{x,y) and carry on the argument. So let y < x. Now we once more get 
the remainder, x = ay b with b < y. We consider 6 = 0 and 6 > 0. 

If 6 = 0, then x = ay; hence y = iVy = x.lfy = 1, then x\z. Contradiction. 
If y = a; then x\y. Contradiction. 

Now if 6 > 0, then bz = {x — ay)z = xz — ayz. Since a;|yz, we get x\bz. 
Observe that bz < yz < w, so we have a contradiction with Vf < unp(v). 
Hence by RAA we have established the required statement. 

For <— we only have to apply the established facts about divisibility. □ 

Can we prove in Peano’s arithmetic that there are any primes? Yes, for 
example PA h Va;(a; > 1 ^ 3y{Prime{y) A y\x) 
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Proof. Observe that 3y{y > 1 A y\x). By the LNP there is a least such y. 
3y{y > 1 A y\x A Vz < y{z > 1 ^ z\y)) 

Now it is easy to show that this minimal y is a, prime. 

Primes and exponents are most useful for coding finite sequences of natural 
numbers, and hence for coding in general. There are many more codings, and 
some of them are more realistic in the sense that they have a lower complexity. 
For our purpose, however, primes and exponents will do. 

As we have seen, we can code a finite sequence (uq . . . , rik-i) as the number 
2 ^ 10+1 . gm + l 

We will introduce some auxiliary predicates. 



Definition 7.4.10 (Successive primes) Succprimes{x, y) := x < y A 

Prime{x) A Prime{y) A Vz(x < z < y ^ ^Prime{z)) 

The next step is to define the sequence of prime numbers 2, 3, 5, . . .p„, . . . ,. 
The basic trick here is that we consider all successive primes with ascending 
exponents: 2^^, 3^, 5^, 7^, . . . p®. We form the product and then pick the last 
factor. 

Definition 7.4.11 (The a;th prime number, px) Px = y ■= 3z{~^2\z A 
\/v < y 

Vm < y{Succprirae{v , u) Vrc < z(y'^\z u'^'^^\z)) Ay^\z y^~^^ \z) 

Observe that, as the definition yields a function, we have to show 

Lemma 7.4.12 h 3z{~^2\z A\/v < yfiu < yo{Succprime{v,u) — > \/w < 
z{v'^\z a y^\z A ^ Vo^'^\z) A 

3z(^2|z A Vu < yiVu < yi{Succprime{v,u) — *■ Vw < z{v'^\z u^^^\z)) A 

yf\zA^ yf^^\z) ^ yo = yi 

The above definition just mimicks the informal description. Note that we 
can bound the existential quantifier as 3z < y^ We have now justified the 
notation of sequence numbers as products of the form 

The reader should check that according to the definition po = 2. The decoding 
can also be defined. In general one can define the power of a prime factor. 

Definition 7.4.13 (decoding) {z)k = v := p^'^^lz A ^p'jf^‘^\z 

The length of a coded sequence can also be extracted from the code: 

Definition 7.4.14 (length) lth{z) = x := Px\z A^y < z{py\z y < x) 

Lemma 7.4.15 h Seq{z) (lth{z) = a; <-> {px\z A ^p^^+il^)) 



7.4 Some arithmetic 
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We define separately the coding of the empty sequence: () := 1 
The coding of the sequence (xq, ■ ■ ■ , Xn-i) is denoted by (xg, ■ • ■ , Xn-i) 

Operations like concatenation and restriction of coded sequences can be 
defined such that 

(xq • ■ • Xn—l) ^ (po ■ • ■ Vm— 1 ) — (^0 ; • ■ ■ Xn— 1 , Po ■ • ■ Pm—l) 

{xg . . . Xn — l}\m = (xg . . . Xm ~ 1), where m < n (warning: here | is used 
for the restriction relation, do not confuse with divisibility). 

The tail of a sequence is defined as follows: 

tail{p) = 2 ; <-> (3x{p = (x) * z) V (lth{p) = 0 A z = 0)). 

Closed terms of PA can be evaluated in PA: 

Lemma 7.4.16 For anp closed term t there is a number n such that \- t = n. 

Proof. External induction on t, cf. lemma 2.3.3. Observe that n is uniquely 
determined. □ 

Corollary 7.4.17 N ^ = f 2 => b = ^2 for closed ti,t 2 - 

Godel’s theorem will show that in general Hrue in the standard modcT (we will 
from now on just say ‘true’) and provable in PA are not the same. However 
for a class of simple sentences this is correct. 

Definition 7.4.18 (i) The class Ag of formulas is inductively defined by 
(fi G Ag for atomic ip 

ip,ip € Ag ^ P Ail^pM tjj,p ^ G Ag 
p G Ag ^Vx < yp, 3x < yp G Ag 

(a) The class Si is given by: 

p, ->p G Si for atomic p 

p,il) G Si ^ py if.p Alp G Si 

p G Si ^\/x < yp, 3x < yp, 3xp G Si 

A formula is called strict Si if it is of the form 3xp(x), where p is Ag. 

We will call formulas in the classes Ag and Si, Ag , ifi-formulas respec- 
tively. Formulas, provably equivalent to Si formulas, will also be called Si 
formulas. 

For ifi-formulas we have that ‘true = provable’. 

Lemma 7.4.19 G p or \ — >p, for Ag-sentences p. 

Proof. Induction on p. 

(i) p atomic. If p = ti = t 2 and ti = t 2 is true, see corr. 7.4.17. 

If ti = t 2 is false, then ti = n and t 2 = m, where, say, n = m + k with k > 0. 
Now assume (in PA) ti = t 2 , then rn = m. + k. By 7.4.2 we get 0 = k, 7.4.19 
But since k = S{1) for some I, we obtain a contradiction. Hence I <ti = ^ 2 - 
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(ii) The induction cases are obvious. For Vx < t(p{x), where t is a closed term, 
use the identity \/x < nip{x) (^(0) A ... A ip{n — 1). Similarly for 3x < tip{x). 
□ 



Theorem 7.4.20 (Fi'i-completeness) \=<f PA h tp, for Si sentences p. 

Proof. Since the truth of 3xp{x) comes to the truth of p(n) for some n, we 
may apply the above lemma. □ 



7.5 Representability 

In this section we will give the formalization of all this in PA, i.e. we will show 
that definable predicates exist corresponding with the predicates introduced 
above (in the standard model) - and that their properties are provable. 



Definition 7.5.1 (representability) - a formula p{xo, . . . ,Xn-i,y) rep- 
resents an n-ary function f if for all ko, , fc„-i 

/(fco, . . . , kn-i) =p^ \- \/y{p(ko , . . . , kn-i,y) ^ y = p) 

- a formula p{xo , . . . , Xn-i) represents a predicate P if for all fco, . . . , kn-i 

P{ki)j . . . , l) b ; ^n— l) 

and 

. ..,kn)^ I >p(ko, . . . , kn-l) 

- a term t{xQ , . . . , Xn-i) represents f if for all fco, . . . , kn-i 

f{ko, . . . , kn-l) = P^ \- t(ko, . .., kn-l) = p 

Lemma 7.5.2 If f is representable by a term, then f is representable by a 
formula. 

Proof: Let / be represented by t. Let /(k) = p. Then h t(k) = p. Now de- 
fine the formula p{x,y) := t(x) = y. Then we have h p{\^,p). And hence 
p = y ^ p{k, y). This proves h v^(k, y) ^ p = y. □ 

Sometimes it is convenient to split the representability of functions into 
two clauses. 



Lemma 7.5.3 A k-ary function is representable by p iff 
f{no-nk-i) = m^\- p(jif,...,npS[,fh) and \- 3lzp{nii . . .rp~i, z). 



7.5 Representability 243 



Proof. Immediate. Note that the last clause can be replaced by 



h (f(no . . . nk-i,z) ^ z = m. 



□ 



The basic functions of arithmetic have their obvious representing terms. 
Quite simple functions can however not be represented by terms. E.g., the 
sigma function is represented by (f{x, y) := (a; = 0 A y = 0) V {~^x = 0 A y = 1), 
but not by a term. However we can easily show h \/x3\yip{x^ y), and therefore 
we could conservatively add the sg to PA (cf. 3.4.6). Note that quite a number 
of useful predicates and functions have Aq formulas as a representation. 

Lemma 7.5.4 P is representable Kp is representable. 

Proof Let (p{x) represent P. Define tjj{x, y) = {<p{x) A (y = 1)) V {-•(p{x) A (y = 
0)). Then ip represents Kp, because if Ap(k) = 1, then P(k), so h </?(k) 
and h V'(k,y) ^ (y = 1), and if Kp(k) = 0, then ^P(k), so h “>7?(k) 
and h tp(h,y) (y = 0). Conversely, let ipix^y) represent Kp. Define 
if{x) := "pix^ 1). Then ip represents P. □ 

There is a large class of representable functions, it includes the primitive 
recursive functions. 

Theorem 7.5.5 The primitive recursive functions are representable. 

Proof. Induction on the definition of primitive recursive function. It is sim- 
ple to show that the initial functions are representable. The constant function 
is represented by the term to, the successor function S is represented by 
X -I- 1, and the the projection function P^ is represented by xp 
The representable functions are closed under substitution and primitive re- 
cursion We will indicate the proof for the closure under primitive recursion. 



Claim: / is represented by a{x,y,z), which is mimicking 3w € Seq{lth(w) = 
y -I- 1 A ((w)o = g(x) A Vi < y((w)j+i = h{{w)i, x, i) A z = {w)y) 




g is represented by <p, h is represented by ip : 




cr(x, y, z) := 3w G Seq{lth{w) = y + 1 f\ <^(x, (u>)o)A 
Vi < y(V’((w)i, X, i, (w)*+i) ^z = (w)y) 
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Now let f{n,p) = m, then 



' /(n,0) = g{ft) 

= Hf{n,0),n,0) 



— 0-0 
= ai 
= 02 



^ f{n,p) = h{f{n,p- 1), n,p - 1) = Op = TO 
Put w = (oo, . . . , Op); note that lth{w) = p + 1. 

5(«) = f{n, 0) = Oo p(n, oq) 

f{n, 1) = oi ^/>(oo, n, 0, oi) 



f{n,p) = ap ^/>(op_i,n,p- l,Op) 



Therefore we have h lth{w) = p + 1 A <p(fi, oq) A V'(ooj 0, oi) A ... A 
'!/'(op_i, n,p — 1, Op) A {w)p = TO and hence h a(n,p, to). 

Now we have to prove the second part: h a{n,p,z) —fz = m. We prove 
this by induction on p. 

(1) p=0. Observe that h (j{n, 0, z) :p(n, z), and since p represents p, we get 

hp(n, z)^z = TO 

(2) p = g + 1. Induction hypothesis: h cr(fi, q, z) ^ z = f{n, q){= to) 
cr(n, g + 1, z) = dw G Seq{lth{w) = g + 2 A p(n, (w)o) A 

Vi < y{t/j{{w)i,n,i, {w)i+i) Az = (w)g+i). 

We now see that 

h cr(n, g + 1, ^) ^ 3u((r(n, g, u) A tpiu, n, g, z). 

Using the induction hypothesis we get 

h cr(n, g + 1, z) ^ 3u(u = f{n, q) A n, g, z)) 

And hence h cr(n, g + 1, z) ^ '0(/(n, g), n, g, z) 

Thus by the property of ip: h cr(n, g + 1, z) ^ z = f{n, g + 1) 

It is now one more step to show that all recursive functions are repre- 
sentable, for we have seen that all recursive functions can be obtained by a 
single minimalization from a primitive recursive predicate. □ 

Theorem 7.5.6 All recursive functions are representable. 

Proof. We show that the representable functions are closed under minimaliza- 
tion. Since representability for predicates is equivalent to representability for 
functions, we consider the case /(a?) = pyP{x, y) for a predicate P represented 
by p, where yx3yP{x,y). 

Claim: ip{x,y) := Lp{x,y) A Vz < y^(p{x,z) represents pLyP{x,y). 



7.5 Representability 245 



m = ^yP{fi, y) => P{n, m) A ^P{n, 0) A ... A ~^P{n, m — 1) 

^ h f^(n, m) A -xpin, 0) A ... A m — 1) 

^ h f^(n, m) A\/z < m^(p{n, z) 

=> h '0(ri, m) 

Now let ip{n,y) be given, then we have ip{fi,y) A Vz < y^(p{n,z). This 
immediately yields m > y. Conversely, since if{n,m), we see that m < y. 
Hence y = m. This informal argument is straightforwardly formalized as 
\- (fi{n,y) ^ y = m. □ 



We have established that recursive sets are representable. One might per- 
haps hope that this can be extended to recursively enumerable sets. This 
happens not to be the case. We will consider the RE sets now. 

Definition 7.5.7 R{x) is semi-representable in T if R{n) T \- ip{n) for a 

Theorem 7.5.8 R is semi-representable AA R is recursively enumerable. 
For the proof see p. 250. 

Corollary 7.5.9 R is representable AA R is recursive. 



Exercises 



1. Show 

ha;-|-?/ = 0^a; = 0Ay = 0 
\-xy = 0^x = 0Wy = 0 
\-xy = l^x=lAy=l 
\~x^ = l^y = 0'Vx=l 
\-x^ = 0—^x = 0Ay^0 

\-x-\-y=l^{x = 0Ay = l)W{x = lAy = 0) 

2. Show that all 27i-formulas are equivalent to prenex formulas with the ex- 
istential quantifiers preceding the bounded universal ones (Hint. Consider 
the combination \/x < t3yip(x, y), this yields a coded sequence z such that 
\/x < tip{x, (z)x)). I.e. in PA Ei formulas are equivalent to strict Ei for- 
mulas. 

3. Show that one can contract similar quantifiers. E.g. \/x\/yip{x,y) 
yz(fi{{z)o,{z)i). 
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7.6 Derivability 

In this section we define a coding for a recursively enumerable predicate 
Thm{x), that says “a; is a theorem”. Because of the minimization and up- 
per bounds on quantifiers, all predicates and functions defined along the way 
are primitive recursive. Observe that we are back in recursion theory, that is 
in informal arithmetic. 



Coding of the syntax 



The function codes the syntax. For the alphabet, it is given by 



A 




V 


0 


S 


-h 




exp 


= 


( 


) 


Xi 


2 


3 


5 


7 


11 


13 


17 


19 


23 


29 


31 


Pll+i 



Next we code the terms. 



Finally we code the formulas. Note that {A,— *-,V} is a functionally complete 
set, so the remaining connectives can be defined. 



^{t = sy 
A 

Const{x) and V ar{x) 
spectively. 



characterize the codes of constants and variables, re- 



Const{x) 
V ar{x) 
Fncl{x) 
Fnc2{x) 



X = '"0"' 

3i < x{pii+i = x) 
x = ^S~^ 

X = '"-I-"' V a; = V a; = '~ea;p~' 



Term{x) — x is a term — and Form(x) — x is a formula — are primi- 
tive recursive predicates according to the primitive recursive version of the 
recursion-theorem. Note that we will code according to the standard function 
notation, e.g. +{x, y) instead of a; -I- y. 



Term{x) := Const{x) V V ar{x)\/ 

(^Seq{x) A lth{x) = 4 A F"ncl((a;)o)A 

(a;)i = A Term{{x)2) A (a ;)3 = 

(^Seq{x) A Ith(x) = 5 A Fnc2{{x)o)f\ 

(a;)i A rerm((a;)2) A Term((a;)3) A (a;)4 = 
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Form{x) := < 



Seq{x) A lth{x) = 5 A (a;)o = A (1)4 = '~)~'A 
^erm{{x)i) A {x )2 = A Term((x)3)^ V 
(^Form{{x)i) A (x)2 = '"A"' A Form^^x)^)^ V 
(^Form{{x)i) A (a;)2 = A Form((a;)3)^ V 
^(a;)i = '"V"' A Var{{x) 2 ) A Form{{x) 3 )'^ 



All kinds of syntactical notions can be coded in primitive recursive predicates, 
for example Free{x, y) — x is a free variable in y, and FreeFor{x, y,z) — x 
is free for y in z. 



Free{x,y) := < 



(Var{x) A Term{y) A -<Const{y)A 

{Var{y) ^ x = y)A 

{Fncl{{y)o) Free{x, (y)2))A 

{Fnc 2 {{y)o) {Free{x, (y)2) V Free{x, (y)3)))) 



or 



(Var{x) A Form{y)A 

iiy)i 7^ '"V ^ {Free{x, (y)i) V Free{x, (y)3)))A 
{{y)i = '"V ^ (a; yf {y)2 A Free{x, {y)i) 



FreeFor{x, y, z):= 



' Term{x) A Var{y) A Form{z)A 

[(W2=^=^)V 

< ^(z)iy^'~V~'AJ^reeFor(a;, y, {z)i)AFreeFor{x,y, (2)3^ V 
^(z)i = '~V~' A ~^Free{{z)2, x)A 
^ {Freeiy, z) (Free((z)2, a;) A Free{x, y, (^)3)))) 



Having coded these predicates, we can define a substitution-operator Sub such 
that Sub{^ip~^,^x~^,^V) = ^y}[t/x\^. 
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Sub{x,y,z) 



X if Const(x) 

X if Var{x) A x ^ y 

z if Var{x) Ax = y 

{{x)o, Sub{{x) 2 , y, z), '■)“') if Term{x)A 

Fncl{{x)o) 

((x)o, T', Sub{{x) 2 , y, z), Sub{{x)3, y, z),'~)~') if Term{x)A 

Fnc2{{x)o) 

Sub{{x)i,y, z), [x) 2 , Sub{{x) 3 , y, z),’~y) if Form{x)A 

FreeFor{x,y, z)A 
{x)o 7^ 

('■(■', (a;)i, {x) 2 , Sub{{x) 3 , y, z ), if Form{x)A 

FreeFor{z, y, x)A 
{x)o = 

0 else 



Clearly Sub is primitive recursive (course of value recursion). 



Coding of derivability 



Our next step is to obtain a primitive recursive predicate Der that says that 
X is a derivation with hypotheses yo^ - ■ ■ ,yith{y)-i conclusion z. Before 
that we give a coding of derivations. 



initial derivation 

[<P] 

A I 

Di Z?2 

±_ 

{(pAtp) 

A E 

D 

P 

I 

P 

D 

E 

Di D2 

tP 






((0,^A- 



'Di' 




'D 2 


. ^ . 


5 


. V' . 









D 

{y} Alp) 






((0 



5 h 



D 

iP 









'D{ 




[ D 2 1 


. ^ . 


7 


1 

T 
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RAA 



{ip A) 

D 






VI 



V E 



D 



iyxp) 

D 

(Vxt/j) 



p[t/2 






= ((0,^V^), 












D 

(Vx<^) 






For Der we need a device to cancel hypotheses from a derivation. We con- 
sider a sequence y of (codes of) hypotheses and successively delete items u. 

r y if lth{y) = 0 

Cancel{u,y) := < Cancel{u,tail{y)) if (y)o = u 

[ {{y)o,Cancel{u,tail{y))) if (y)o ^ u 

Here tail{y) = z (lth{y) > 0 A 3x{y = (x) * z) V {lth{y) = 0 A z = 0) 



Now we can code Der, where Der{x,y,z) stands for ‘a; is the code of a 
derivation of a formula with code 2 from a coded sequence of hypotheses y' . 
In the definition of Der A is defined as (0=1). 

Der{x, y, z) := Form{z) A Form{{i)y) A 

< lth{y){z = {y)i A a; = (0, z)^ 
or 

^3a;ia;2 < x3yiy2 < x3ziZ2 < xy = yi * y 2 /\ 

Der{xi,yi,zi) A Der{x 2 ,y 2 , Z 2 ) A 
2 : = ('“(“', 2 i, 22 , '“)“') Ax= ((0, '“A“'), a;i, a; 2 , 2 )) 

or 

^3m < a;3a;i < a;32i < x Der{x\,y, zi) A 
(21 = (AA A U, V (21 = (AA u, ^AA 2 , 0^)) A 
X = {{l,^A~^),Xi,z)'j 
or 

^3a;i < a;3yi < a;3u < a;32i < x{y = Cancel{u,yi) V 
y = yi) A L>er(xi,yi, 2 i) A 2 = ('“(“', m, 21 , '“)“') A 
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( 3 x 1 X 2 < x3yiy2 < x3ziZ 2 <x{y = yi*y2/\ 

Der{xi,yi,zi) A Der{x 2 ,y 2 , Z 2 ) A 

^2 = r (^, ^1, A X = ((1, Xi, X2, ^))) 

or 

^3xi < x3zi < x3x < x{Der{xi,y, zi) A Var{y) A 
^Free{v, (y),) A 2 = (^V^, v, AA A)^) A 

X = ((0,'“V“'),xi,2;i))) 
or 

(31 < x3z; < x3xi < x32i < x{V ar{v) A Term{t) A 

Freefor{t, v,z\) /\ z = Sub{zi, v, t) A 

Der{x,,y, v, AA ^1, 0^) A x = ((1, ^V^), y, z))) 
or 

^3xi < x3yi < x3zi < x{Der{xi,yi, ('~_L~')) A 

y = Cancel{{z,^^~',^F~'),yi) A x = ((1, xi, zi))^ 



Coding of provability 

The axioms of Peano’s arithmetic are listed on page 236. However, for 
the purpose of coding derivability we have to be precise; we must include the 
axioms for identity. They are the usual ones (see 2.6 and 2.10.2), including 
the ‘congruence axioms’ for the operations: 

(xi = 2/1 A X2 = 2/2) ^ (5'(xi) = S{yi) A xi + X2 = 2/1 + 2/2 A 
xi • X2 = 2/1 ■ 2/2 A Xi’' = 2/f) 

These axioms can easily be coded and put together in a primitive recursive 
predicate Hx(x) — x is an axiom. The provability predicate Prov{x, z) - x is 
a derivation of z from the axioms of VA - follows immediately. 

lth{y)-l 

Prov{x,z) := 3y < x[Der{x,y, z) A A Miy)^)) 

i=0 

Finally we can define Thm(x) — x is a theorem. Thm is recursively enumer- 
able. 

Thm{z) := 3xProx(x, z) 

Having at our disposition the provability predicate, which is we can 
finish the proof of ‘semi-representable = RE’ (Theorem 7.4.9). 

Proof. For convenience let R be unary recursively enumerable set. 

R is semi-representable by ip. R{n) AA h p{n) <tA 3yProv ['~ip{n'p,y). 
Note that '~ip{ny is a recursive function of n. Prov is primitive recursive, so 
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R is recursively enumerable. 

<^=: R is recursively enumerable R(n) = 3xP(n,x) for a primitive re- 
cursive P. P{n,m) h for some ip. R{n) P(n^m) for some 

TO h p(n,m) for some to h 3yp(n,y). Therefore we also have 

h 3yp{n,y) R{n). So 3yp(n,y) semi-represents R. □ 



7.7 Incompleteness 

Theorem 7.7.1 (Fixpoint theorem) For each formula p{x) (withFV {p) = 
{a;} ) there exists a sentence tp such that h piffP) ip. 

Proof. Popular version: consider a simplified substitution function s{x, y) which 
is the old substitution function for a fixed variable: s{x,y) = Sub{x,'~xo~',y). 
Then define 6{x) := p(^s{x,x)). Let to := '~6*(a;)~', then put ijj := 9(rn). Note 

that Ip 6(rrij <-> p(^s{Tf%,m)^ <-> to)) p(^’~9{Wiy^ <-> p(ytj?y 

This argument would work if there were a function (or term) for s in the 
language. This could be done by extending the language with sufficiently 
many functions (“all primitive recursive functions” surely will do). Now we 
have to use representing formulas. 

Formal version: let a{x,y, z) represent the primitive recursive function s{x,y). 
Now suppose 9{x) := 3y{p{y) A a{x,x,y)),m = '~9{xJ' and ip = 9{m). Then 

tp ^ 9{m) ^3y{p{y) Aa{m,m,y)) (7.1) 

h yy{a{jn,m, y) ^ y = s{m, to)) 

A'iy[a{m,m,y) ^ y = ^9{jny) (7.2) 

By logic (1) and (2) give ip 3y(^p{y) Ay = '~9{rny) so tp ^ p(y9{my) ^ 
pfP). □ 



Definition 7.7.2 (i) PA (or any other theory T of arithmetic) is called 

uj-complete if F 3xp{x) h p(ji) for some n G N. 

(ii) T is Lu-consistent if there is no p such that (F 3xp{x) and I 'p{ri) for 

all n) for all p. 

Theorem 7.7.3 (Gddel’s first incompleteness theorem) 

If PA is Lu-consistent then PA is incomplete. 

Proof. Consider the predicate Prou (a;, y) represented by theformulaProu {x,y). 
Let Thm (x) := 3yProv (a;, y). Apply the fixpoint theorem to -^Thm (a;): there 
exists a p such that F ^Thm()~p'). p, the so-called Godel sentence, says 
in PA: “I am not provable.” 
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Claim 1: If \- ip then PA is inconsistent. 

Proof, h => there is a n such that Prov ('V”', n), hence h Prov ('V”', n) => 
h 3yProv y) h T/im I up. Thus PA is inconsistent. □ 

Claim 2: If I >p then PA is ^-inconsistent. 

Proof, h ~^p h Thm{'~<^) h 3xProv {'~<p' , x) . Suppose PA is 

w-consistent; since w-consistency implies consistency, we have F p and 
therefore ^Prov for all n. Hence I <Prov for all n. Con- 
tradiction. □ 

Remarks. In the foregoing we made use of the representability of the provability- 
predicate, which in turn depended on the representability of all recursive 
functions and predicates. 

For the representability of Prov (x,y), the set of axioms has to be re- 
cursively enumerable. So Godel’s first incompleteness theorem holds for all 
recursively enumerable theories in which the recursive functions are repre- 
sentable. So one cannot make PA complete by adding the Godel sentence, 
the result would again be incomplete. 

In the standard model N either p, or ^p is true. The definition enables 
us to determine which one. Notice that the axioms of PA are true in N, so 
\= p - 1 ^ -nThmlf~i^). Suppose N N Thm{'~p') then N N 3xProv {'~p',x) 

N 1= Prov {'~p',n) for some n h Prov for some n \- p ^ 

I >Thm{'~p') N N Contradiction. Thus p is true in N. This 

is usually expressed as ‘there is a true statement of arithmetic which is not 
provable’. 

Remarks. It is generally accepted that PA is a true theory, that is N is a 
model of PA, and so the conditions on Godel’s theorem seem to be super- 
fluous. However, the fact that PA is a true theory is based on a semantical 
argument. The refinement consists in considering arbitrary theories, without 
the use of semantics. 

The incompleteness theorem can be freed of the w-consistency-condition. We 
introduce for that purpose Rosser’s predicate: 

Ros (x) := 3y(^Prov (neg (x),y) A < y -^Prov (x, z)) , 

with neg('~p') = The predicate following the quantifier is represented 

by Prov (neg (x) , y) A \/z < y ^Prov (x, z). An application of the fixpoint 
theorem yields a such that 
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h 3?/[ Prov A Vz < y ^Prov (V~',z) ] (1) 

Claim-. PA is consistent => -tp and F -op 

Proof, (i) Suppose h ip then there exists a n such that Prov so 

h Provi^tjPjn) (2) 

From (1) and (2) it follows that h 3y < nProv y),i.e. h Prov ('”“''0”', O) V 
. . . V Prov — Cj. Note that Prov is Aq, thus the following holds: 

\- a W T AA h(Torl-r, soh Prov ('”“'0”', O) or ... or h Prov n — l) 
hence Prov i) for some i < n ^ I — tip => PA is inconsistent. 

(ii) Suppose h -tip then h Vy[ Prov (f^^ij?,y') — *■ 3z < y Prov (f^ij?,z) ] 
also h —tip => Prov (^’~-tijP,nj for some n => F Prov (^’~-tip',ifj for some n 
\- 3z < nProv (F/d, z) (as in the above) Prov [’~ifP, It) for some k < n, 
so h 0 PA is inconsistent. □ 



We have seen that truth in N does not necessarily imply provability in PA 
(or any other (recursively enumerable) axiomatizable extension). However, we 
have seen that PA IS 17° complete, so truth and provability still coincide for 
simple statements. 



Definition 7.7.4 A theory T (in the language of PA) is called Unsound if 
T \- (fi ^ N 1= for S^-sentences ip. 

We will not go into the intriguing questions of the foundations or philosophy 
of mathematics and logic. Accepting the fact that the standard model N is a 
model of PA, we get consistency, soundness and ifj-soundness for free. It is 
an old tradition in proof theory to weaken assumptions as much as possible, 
so it makes sense to see what one can do without any semantic notions. The 
interested reader is referred to the literature. 

We now present an alternative proof of the incompleteness theorem. Here 
we use the fact that PA is 17° -sound. 



Theorem 7.7.5 PA is incomplete. 

Consider an RE set X which is not recursive. It is semi-represented by a a 27° 
formula <p{x). Let Y = {n|PA h piji)}. 

By 27°-completeness we get n G X ^ PA h p{n). Since 27° -soundness im- 
plies consistence, we also get PA h ^<p{n) => n ^ A, hence Y C X^. The 
provability predicate tells us that Y is RE. Now X'^ is not RE, so there is a 
number k with k € (A U Y^. For this number k we know that PA 1/ ~^p(k) 



254 



7 Godel’s theorem 



and also PA \f (p{k), as PA h (p{k) would imply by -soundness that k G X. 
As a result we have established that ~^(p{k) is true but not provable in PA, 
i.e. PA is incomplete. □ 

We almost immediately get the undecidability of PA. 

Theorem 7.7.6 PA is undecidable. 

Proof. Consider the same set X = {n\PA h (p{n)} as above. If PA were de- 
cidable, the set XS would be recursive. Hence PA is undecidable. □ 

Note we get the same result for any axiomatizable Ei -sound extension of 
PA. For stronger results see Smorynski’s Logical number theory 
that / with f{n) = is pr. rec. 

Remarks. The Godel sentence 7 “I am not provable” is the negation of a strict 
A'l’-sentence (a so-called TTj’-sentence) . Its negation cannot be true (why ?). 
So PA -I- ^7 is not A'j’-sound. 

We will now present another approach to the undecidability of arithmetic, 
based on effectively inseparable sets. 

Definition 7.7.7 Let ip and be existential formulas: p = 3xp' and if = 
Bxtjj' . The witness comparison formulas for p and if are given by: 
p < if := 3x(^p'{x) AVy < X ~'if'{y)) 
p < if := 3x(^p'{x) AVy < X ^if'(if)). 



Lemma 7.7.8 (Informal Reduction Lemma) Let p and if be striet A')’, 
Pi ■= P ^ if and ifi := if < p. Then 
(i) N N 

(a) N\= ifi ^ if 
( Hi) NN(/9V'0<-^(^iV'0i 
(iv) N N ^ {pi A ifi). 

Proof. Immediate from the definition. □ 



Lemma 7.7.9 (Formal Reduction Lemma) Let p,if,pi and ifi be as 

above. 

(i) 'A pi^p 

(ii) \- if I ^ if 

(Hi) N N \- Pi 

(iv) N 1= '01 h -01 

(w) N N => I — 101 
N 1= 01 I — <pi 

(vH) h ^{pi A 0i). 
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Proof, (i) — (iv) are direct consequences of the definition and 
^'^’-completeness. 

(f) and {vi) are exercises in natural deduction (use yuv{u < v \/ v < u)) and 
(vii) follows from (v) (or {vi)). □ 

Theorem 7.7.10 (Undecidability of PA) The relation 3yProv {x, y) is 
not recursive. Popular version: h is not decidable for PA. 

Proof. Consider two effectively inseparable recursively enumerable sets A and 
B with strict A'J’-defined formulas ‘p{x) and tp^x). Define (fii{x) := (fi{x) < 
ip{x) and ipi{x) := ip{x) < :p{x). 
then n G A ^ N 1= A 
=> Nl=v3i(n) 

^ \- ipiiri) 

and n G B ^ N 1= tpin) A 
=> Nl=^/>i(n) 

^ I- -^ipi{n). 

Let A = {n \ h ipi(n)}, B = {n \ I npi(n)} then A G_ A and B G_ B. 

PA is consistent, so A C S = 0. A is recursively enumerable, but because of 
the effective inseparability of A and B not recursive. Suppose that {V \ h a} 
is recursive, i.e. X = {k \ Form(k) A 3zProv {k, z)} is recursive. Consider / 
with f{n) = then {n \ 3zProv (^’~(pi{n'p,z)} is also recursive, i.e. A 

is a recursive separator of A and B. Contradiction. Thus X is not recursive. □ 

From the indecidability of PA we immediately get once more the incom- 
pleteness theorem: 

Corollary 7.7.11 PA is incomplete. 

Proof, (a) If PA were complete, then from the general theorem “complete 
axiomatizable theories are decidable” it would follow that PA was decidable, 
(b) Because A and 13 are both recursively enumerable, there exists a n with 
n ^ A\J B, i.e. F ipin) and F ~^ip(n). □ 

Remark. The above results are by no means optimal; one can represent the 
recursive functions in considerably weaker systems, and hence prove their 
incompleteness. There are a number of subsystems of PA which are finitely 
axiomatizable, for example the Q of Raphael Robinson, (cf. Smorynski, Logical 
number theory, p. 368 ff.), which is incomplete and undecidable. Using this 
fact one easily gets 

Corollary 7.7.12 (Church’s theorem) Predicate logic is undecidable. 

Proof. Let {a \, . . . , an} be the axioms of Q, then cti, . . . , cr„ F 4A 
F (cTi A . . . A cr„) — > A decision method for predicate logic would thus pro- 
vide one for Q. □ 
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Remark. (1) Since HA is a subsystem of PA the Godel sentence 7 is cer- 
tainly independent of HA. Therefore 7 V ^7 is not a theorem of HA. For 
if HA h 7 V ^7, then by the disjunction property for HA we would have 
HA h 7 or HA I — ^7, which is impossible for the Godel sentence.. Hence we 
have a specific theorem of PA which is not provable in HA. 

(2) Since HA has the existence property, on can go through the first ver- 
sion of the proof of the incompleteness theorem, while avoiding the use of 
^-consistency. 



Exercises 

1. Show that / with f{n) = ’~t(ny is primitive recursive. 

2. Show that / with f{n) = ’~(p(jip is primitive recursive. 

3. Find out what (f —>■ (p < tp means for a ip as above. 
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